{"id":51074,"name":"cipher-base","ecosystem":"npm","repository_url":"https://github.com/crypto-browserify/cipher-base","issues_count":70465,"created_at":"2025-07-13T05:01:53.572Z","updated_at":"2025-07-13T05:01:53.572Z","purl":"pkg:npm/cipher-base","metadata":{"id":1525509,"name":"cipher-base","ecosystem":"npm","description":"abstract base class for crypto-streams","homepage":"https://github.com/crypto-browserify/cipher-base#readme","licenses":"MIT","normalized_licenses":["MIT"],"repository_url":"https://github.com/crypto-browserify/cipher-base","keywords_array":["cipher","stream"],"namespace":null,"versions_count":7,"first_release_published_at":"2015-09-26T21:01:59.671Z","latest_release_published_at":"2024-11-26T20:08:15.603Z","latest_release_number":"1.0.6","last_synced_at":"2025-07-08T17:20:31.670Z","created_at":"2022-04-09T04:29:39.996Z","updated_at":"2025-07-08T17:24:26.472Z","registry_url":"https://www.npmjs.com/package/cipher-base","install_command":"npm install cipher-base","documentation_url":null,"metadata":{"funding":null,"dist-tags":{"latest":"1.0.6"}},"repo_metadata":{"id":1611626,"uuid":"43222818","full_name":"browserify/cipher-base","owner":"browserify","description":"abstract base class for crypto-streams","archived":false,"fork":false,"pushed_at":"2024-12-21T10:00:26.000Z","size":43,"stargazers_count":18,"open_issues_count":1,"forks_count":36,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-07-06T12:05:36.743Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/browserify.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":["ljharb"],"patreon":null,"open_collective":null,"ko_fi":null,"tidelift":"npm/cipher-base","community_bridge":null,"liberapay":null,"issuehunt":null,"otechie":null,"custom":null}},"created_at":"2015-09-26T21:00:28.000Z","updated_at":"2024-11-26T20:08:14.000Z","dependencies_parsed_at":"2025-02-15T05:34:56.675Z","dependency_job_id":"2d46395b-bfa8-4ba6-8495-a00366434164","html_url":"https://github.com/browserify/cipher-base","commit_stats":null,"previous_names":["crypto-browserify/cipher-base"],"tags_count":6,"template":false,"template_full_name":null,"purl":"pkg:github/browserify/cipher-base","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/browserify%2Fcipher-base","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/browserify%2Fcipher-base/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/browserify%2Fcipher-base/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/browserify%2Fcipher-base/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/browserify","download_url":"https://codeload.github.com/browserify/cipher-base/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/browserify%2Fcipher-base/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":264312558,"owners_count":23589209,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"browserify","name":"Browserify","uuid":"6320506","kind":"organization","description":"","email":null,"website":"https://browserify.org","location":null,"twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/6320506?v=4","repositories_count":74,"last_synced_at":"2024-04-07T00:20:23.117Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/browserify","funding_links":[],"total_stars":31562,"followers":99,"following":0,"created_at":"2022-11-02T16:18:55.080Z","updated_at":"2024-04-07T00:20:35.590Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/browserify","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/browserify/repositories"},"tags":[{"name":"v1.0.6","sha":"f5249f94611506ef35a8be4d48a3fc5ecf1fac63","kind":"tag","published_at":"2024-11-26T20:07:59.000Z","download_url":"https://codeload.github.com/browserify/cipher-base/tar.gz/v1.0.6","html_url":"https://github.com/browserify/cipher-base/releases/tag/v1.0.6","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/browserify/cipher-base@v1.0.6","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/browserify%2Fcipher-base/tags/v1.0.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/browserify%2Fcipher-base/tags/v1.0.6/manifests"},{"name":"v1.0.5","sha":"f03cebfdad1cba1d56614c58affa303b0fa2a43e","kind":"tag","published_at":"2024-11-17T18:06:23.000Z","download_url":"https://codeload.github.com/browserify/cipher-base/tar.gz/v1.0.5","html_url":"https://github.com/browserify/cipher-base/releases/tag/v1.0.5","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/browserify/cipher-base@v1.0.5","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/browserify%2Fcipher-base/tags/v1.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/browserify%2Fcipher-base/tags/v1.0.5/manifests"},{"name":"v1.0.4","sha":"bc18dc847050c34f11f7a0472ff13a76b53fedc6","kind":"tag","published_at":"2017-07-06T12:04:22.000Z","download_url":"https://codeload.github.com/browserify/cipher-base/tar.gz/v1.0.4","html_url":"https://github.com/browserify/cipher-base/releases/tag/v1.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/browserify/cipher-base@v1.0.4","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/browserify%2Fcipher-base/tags/v1.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/browserify%2Fcipher-base/tags/v1.0.4/manifests"},{"name":"v1.0.3","sha":"de2af9758ce75ef5f9a9bdaf0ba5312609a7e59a","kind":"tag","published_at":"2016-09-13T11:44:36.000Z","download_url":"https://codeload.github.com/browserify/cipher-base/tar.gz/v1.0.3","html_url":"https://github.com/browserify/cipher-base/releases/tag/v1.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/browserify/cipher-base@v1.0.3","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/browserify%2Fcipher-base/tags/v1.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/browserify%2Fcipher-base/tags/v1.0.3/manifests"},{"name":"v1.0.2","sha":"c295535e1eef90a587dba110c8799bfd68f75161","kind":"tag","published_at":"2015-10-23T18:30:06.000Z","download_url":"https://codeload.github.com/browserify/cipher-base/tar.gz/v1.0.2","html_url":"https://github.com/browserify/cipher-base/releases/tag/v1.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/browserify/cipher-base@v1.0.2","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/browserify%2Fcipher-base/tags/v1.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/browserify%2Fcipher-base/tags/v1.0.2/manifests"},{"name":"v1.0.1","sha":"5f5eb4a23599806ef5f92aa25930ac0beeb35bd1","kind":"tag","published_at":"2015-09-26T22:00:47.000Z","download_url":"https://codeload.github.com/browserify/cipher-base/tar.gz/v1.0.1","html_url":"https://github.com/browserify/cipher-base/releases/tag/v1.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/browserify/cipher-base@v1.0.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/browserify%2Fcipher-base/tags/v1.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/browserify%2Fcipher-base/tags/v1.0.1/manifests"}]},"repo_metadata_updated_at":"2025-07-08T17:24:26.472Z","dependent_packages_count":387,"downloads":57342893,"downloads_period":"last-month","dependent_repos_count":655514,"rankings":{"downloads":0.03950909065022709,"dependent_repos_count":0.04558741228872357,"dependent_packages_count":0.14201916368865414,"stargazers_count":7.92035644164002,"forks_count":4.290940313876948,"docker_downloads_count":0.03630565086777625,"average":2.0791196788353914},"purl":"pkg:npm/cipher-base","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/npm/cipher-base","docker_dependents_count":10571,"docker_downloads_count":3686072054,"usage_url":"https://repos.ecosyste.ms/usage/npm/cipher-base","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/npm/cipher-base/dependencies","status":null,"funding_links":["https://github.com/sponsors/ljharb","https://tidelift.com/funding/github/npm/cipher-base"],"critical":true,"issue_metadata":{"last_synced_at":"2025-07-06T12:07:13.212Z","issues_count":12,"pull_requests_count":14,"avg_time_to_close_issue":40073486.166666664,"avg_time_to_close_pull_request":23424174.153846152,"issues_closed_count":12,"pull_requests_closed_count":13,"pull_request_authors_count":12,"issue_authors_count":12,"avg_comments_per_issue":4.25,"avg_comments_per_pull_request":2.7142857142857144,"merged_pull_requests_count":7,"bot_issues_count":0,"bot_pull_requests_count":0,"past_year_issues_count":1,"past_year_pull_requests_count":3,"past_year_avg_time_to_close_issue":26655.0,"past_year_avg_time_to_close_pull_request":195372.0,"past_year_issues_closed_count":1,"past_year_pull_requests_closed_count":3,"past_year_pull_request_authors_count":2,"past_year_issue_authors_count":1,"past_year_avg_comments_per_issue":3.0,"past_year_avg_comments_per_pull_request":1.3333333333333333,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":0,"past_year_merged_pull_requests_count":2,"issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/browserify%2Fcipher-base/issues","maintainers":[{"login":"BridgeAR","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/BridgeAR"},{"login":"dcousens","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/dcousens"},{"login":"ahdinosaur","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/ahdinosaur"}],"active_maintainers":[{"login":"BridgeAR","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/BridgeAR"}]},"versions_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/cipher-base/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/cipher-base/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/cipher-base/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/cipher-base/related_packages","maintainers":[{"uuid":"ljharb","login":"ljharb","name":null,"email":"ljharb@gmail.com","url":null,"packages_count":548,"html_url":"https://www.npmjs.com/~ljharb","role":null,"created_at":"2023-04-08T20:52:27.348Z","updated_at":"2023-04-08T20:52:27.348Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/ljharb/packages"},{"uuid":"cwmma","login":"cwmma","name":null,"email":"calvin.metcalf@gmail.com","url":null,"packages_count":327,"html_url":"https://www.npmjs.com/~cwmma","role":null,"created_at":"2022-11-11T18:40:13.128Z","updated_at":"2022-11-11T18:40:13.128Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/cwmma/packages"},{"uuid":"dcousens","login":"dcousens","name":null,"email":"npm2023@dcousens.com","url":null,"packages_count":69,"html_url":"https://www.npmjs.com/~dcousens","role":null,"created_at":"2023-04-08T23:42:14.584Z","updated_at":"2023-04-08T23:42:14.584Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/dcousens/packages"}],"registry":{"name":"npmjs.org","url":"https://registry.npmjs.org","ecosystem":"npm","default":true,"packages_count":5058766,"maintainers_count":1028636,"namespaces_count":302518,"keywords_count":711745,"github":"npm","metadata":{"funded_packages_count":152753},"icon_url":"https://github.com/npm.png","created_at":"2022-04-04T15:19:23.081Z","updated_at":"2025-07-11T05:46:40.528Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/namespaces"}},"unique_repositories_count":69894,"unique_repositories_count_past_30_days":24,"recent_issues":[{"uuid":"4653427345","node_id":"PR_kwDOPip15c7l9_5o","number":4,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 16 updates","user":"dependabot[bot]","labels":["size/XS","dependencies","javascript"],"assignees":[],"locked":false,"comments_count":7,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-12T23:59:02.000Z","updated_at":"2026-06-13T00:01:29.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":16,"packages":[{"name":"prismjs","old_version":"1.27.0","new_version":"removed","repository_url":"https://github.com/PrismJS/prism"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"handlebars","old_version":"4.7.7","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"ws","old_version":"8.11.0","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.20.11","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"express","old_version":"4.18.2","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"min-document","old_version":"2.19.0","new_version":"2.19.2","repository_url":"https://github.com/Raynos/min-document"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 11 updates in the /storybook directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [prismjs](https://github.com/PrismJS/prism) | `1.27.0` | `removed` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.5` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.7` | `4.7.9` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [ws](https://github.com/websockets/ws) | `8.11.0` | `8.21.0` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.20.11` | `7.29.7` |\n| [express](https://github.com/expressjs/express) | `4.18.2` | `4.22.2` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [min-document](https://github.com/Raynos/min-document) | `2.19.0` | `2.19.2` |\n\n\nRemoves `prismjs`\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck migration guide in \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/docs\"\u003edocs\u003c/a\u003e for details of all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 3.0.1 to 3.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.4...v3.0.5\"\u003ev3.0.5\u003c/a\u003e - 2026-06-12\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] escape CR, LF, and \u003ccode\u003e\u0026quot;\u003c/code\u003e in field names and filenames \u003ca href=\"https://github.com/form-data/form-data/commit/8777e67fbd0282d3dcba81f974fbdd91062c5b23\"\u003e\u003ccode\u003e8777e67\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/27c61a5deed84798be105c96605cb8bd00502dcd\"\u003e\u003ccode\u003e27c61a5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/6a8a1c6d04da36e15c80b16ecc4c0265082b3213\"\u003e\u003ccode\u003e6a8a1c6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.3...v3.0.4\"\u003ev3.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] update linting config \u003ca href=\"https://github.com/form-data/form-data/commit/f5e7eb024bc3fc7e2074ff80f143a4f4cbc1dbda\"\u003e\u003ccode\u003ef5e7eb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/1a78b5dd05e508d67e97764d812ac7c6d92ea88d\"\u003e\u003ccode\u003e1a78b5d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/b22a64ef94ba4f3f6ff7d1ac72a54cca128567df\"\u003e\u003ccode\u003eb22a64e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/11d9f7338f18a59b431832a3562b49baece0a432\"\u003e\u003ccode\u003e11d9f73\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.2...v3.0.3\"\u003ev3.0.3\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eObject.prototype.hasOwnProperty.call\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/7fecefe4ba8f775634aff86a698776ad95ecffb5\"\u003e\u003ccode\u003e7fecefe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e, \u003ccode\u003ecoveralls\u003c/code\u003e, \u003ccode\u003ecross-spawn\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003eformidable\u003c/code\u003e, \u003ccode\u003ein-publish\u003c/code\u003e, \u003ccode\u003epkgfiles\u003c/code\u003e, \u003ccode\u003epre-commit\u003c/code\u003e, \u003ccode\u003epuppeteer\u003c/code\u003e, \u003ccode\u003erequest\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypescript\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/8261fcb8bf5944d30ae3bd04b91b71d6a9932ef4\"\u003e\u003ccode\u003e8261fcb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/form-data/form-data/commit/b82f59093cdbadb4b7ec0922d33ae7ab048b82ff\"\u003e\u003ccode\u003eb82f590\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] pin \u003ccode\u003erequest\u003c/code\u003e which via \u003ccode\u003etough-cookie\u003c/code\u003e ^2.4 depends on \u003ccode\u003epsl\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/e5df7f24383342264bd73dee3274818a40d04065\"\u003e\u003ccode\u003ee5df7f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5a5bafee894fead10da49e1fa2b084e17f2e1034\"\u003e\u003ccode\u003e5a5bafe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.2\"\u003ev3.0.2\u003c/a\u003e - 2024-10-10\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/be3f3cf553978bac15a5182f1f3c3d2d38ccf229\"\u003e\u003ccode\u003ebe3f3cf\u003c/code\u003e\u003c/a\u003e v3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/6a8a1c6d04da36e15c80b16ecc4c0265082b3213\"\u003e\u003ccode\u003e6a8a1c6\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003ehasown\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/27c61a5deed84798be105c96605cb8bd00502dcd\"\u003e\u003ccode\u003e27c61a5\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/8777e67fbd0282d3dcba81f974fbdd91062c5b23\"\u003e\u003ccode\u003e8777e67\u003c/code\u003e\u003c/a\u003e [Fix] escape CR, LF, and \u003ccode\u003e\u0026quot;\u003c/code\u003e in field names and filenames\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/9c82fcdf0858b2764060a87803a55375ffbee6ed\"\u003e\u003ccode\u003e9c82fcd\u003c/code\u003e\u003c/a\u003e v3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.7.7 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md\"\u003ehandlebars's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9 - March 26th, 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8 - July 27th, 2023\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/dce542c9a660048d31f0981ac8a45c08b919bddb\"\u003e\u003ccode\u003edce542c\u003c/code\u003e\u003c/a\u003e v4.7.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8a41389ba5b2624b6f43a5463d8e2533b843a562\"\u003e\u003ccode\u003e8a41389\u003c/code\u003e\u003c/a\u003e Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2\"\u003e\u003ccode\u003e68d8df5\u003c/code\u003e\u003c/a\u003e Fix security issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/b2a083136b11e1da9f0f47a11f749a9830a49328\"\u003e\u003ccode\u003eb2a0831\u003c/code\u003e\u003c/a\u003e Fix browser tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/9f98c1629834abf8de5a127caff8a2eab03d2c12\"\u003e\u003ccode\u003e9f98c16\u003c/code\u003e\u003c/a\u003e Fix release script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/45443b4290475dfb7cec32a85d344f12ab345eb9\"\u003e\u003ccode\u003e45443b4\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Improve partial indenting performance\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8841a5f6d35096aee95d68e1e49636a4cb5c661e\"\u003e\u003ccode\u003e8841a5f\u003c/code\u003e\u003c/a\u003e Fix CI errors with linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e0137c26f2202593bca7cc25184e733e87d54709\"\u003e\u003ccode\u003ee0137c2\u003c/code\u003e\u003c/a\u003e fix: enable shell mode for spawn to resolve Windows EINVAL issue\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e914d6037ffb0dd371f7e4823cdb019732ae66d7\"\u003e\u003ccode\u003ee914d60\u003c/code\u003e\u003c/a\u003e Improve rendering performance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/7de4b41c344a5d702edca93d1841b59642fa32bd\"\u003e\u003ccode\u003e7de4b41\u003c/code\u003e\u003c/a\u003e Upgrade GitHub Actions checkout and setup-node on 4.x branch\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jaylinski\"\u003ejaylinski\u003c/a\u003e, a new releaser for handlebars since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `on-headers` from 1.0.2 to 1.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/on-headers/releases\"\u003eon-headers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.0\u003c/h2\u003e\n\u003ch2\u003eImportant\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-7339\"\u003eCVE-2025-7339\u003c/a\u003e (\u003ca href=\"https://github.com/jshttp/on-headers/security/advisories/GHSA-76c9-3jph-rj3q\"\u003eGHSA-76c9-3jph-rj3q\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate CI pipeline to GitHub actions by \u003ca href=\"https://github.com/carpasse\"\u003e\u003ccode\u003e@​carpasse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jshttp/on-headers/pull/12\"\u003ejshttp/on-headers#12\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix README.md badges by \u003ca href=\"https://github.com/carpasse\"\u003e\u003ccode\u003e@​carpasse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jshttp/on-headers/pull/13\"\u003ejshttp/on-headers#13\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eadd OSSF scorecard action by \u003ca href=\"https://github.com/carpasse\"\u003e\u003ccode\u003e@​carpasse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jshttp/on-headers/pull/14\"\u003ejshttp/on-headers#14\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: use \u003ccode\u003eubuntu-latest\u003c/code\u003e as ci runner by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jshttp/on-headers/pull/19\"\u003ejshttp/on-headers#19\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: apply OSSF Scorecard security best practices by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jshttp/on-headers/pull/20\"\u003ejshttp/on-headers#20\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e👷 add upstream change detection by \u003ca href=\"https://github.com/ctcpip\"\u003e\u003ccode\u003e@​ctcpip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jshttp/on-headers/pull/31\"\u003ejshttp/on-headers#31\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e✨ add script to update known hashes by \u003ca href=\"https://github.com/ctcpip\"\u003e\u003ccode\u003e@​ctcpip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jshttp/on-headers/pull/32\"\u003ejshttp/on-headers#32\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e💚 update CI - add newer node versions by \u003ca href=\"https://github.com/ctcpip\"\u003e\u003ccode\u003e@​ctcpip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jshttp/on-headers/pull/33\"\u003ejshttp/on-headers#33\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carpasse\"\u003e\u003ccode\u003e@​carpasse\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jshttp/on-headers/pull/12\"\u003ejshttp/on-headers#12\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jshttp/on-headers/pull/19\"\u003ejshttp/on-headers#19\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ctcpip\"\u003e\u003ccode\u003e@​ctcpip\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jshttp/on-headers/pull/31\"\u003ejshttp/on-headers#31\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jshttp/on-headers/compare/v1.0.2...v1.1.0\"\u003ehttps://github.com/jshttp/on-headers/compare/v1.0.2...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/on-headers/blob/master/HISTORY.md\"\u003eon-headers's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.1.0 / 2025-07-17\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-7339\"\u003eCVE-2025-7339\u003c/a\u003e (\u003ca href=\"https://github.com/jshttp/on-headers/security/advisories/GHSA-76c9-3jph-rj3q\"\u003eGHSA-76c9-3jph-rj3q\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/on-headers/commit/4b017af88f5375bbdf3ad2ee732d2c122e4f52b0\"\u003e\u003ccode\u003e4b017af\u003c/code\u003e\u003c/a\u003e 1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/on-headers/commit/b636f2d08e6c1e0a784b53a13cd61e05c09bb118\"\u003e\u003ccode\u003eb636f2d\u003c/code\u003e\u003c/a\u003e ♻️ refactor header array code\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/on-headers/commit/3e2c2d46c3e9592f6a1c3a3a1dbe622401f95d39\"\u003e\u003ccode\u003e3e2c2d4\u003c/code\u003e\u003c/a\u003e ✨ ignore falsy header keys, matching node behavior\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/on-headers/commit/172eb41b99a5a290b27a2c43fe602ca33aa1c8ce\"\u003e\u003ccode\u003e172eb41\u003c/code\u003e\u003c/a\u003e ✨ support duplicate headers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/on-headers/commit/c6e384908c9c6127d18831d16ab0bd96e1231867\"\u003e\u003ccode\u003ec6e3849\u003c/code\u003e\u003c/a\u003e 🔒️ fix array handling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/on-headers/commit/6893518341bb4e5363285df086b3158302d3b216\"\u003e\u003ccode\u003e6893518\u003c/code\u003e\u003c/a\u003e 💚 update CI - add newer node versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/on-headers/commit/56a345d82b51a0dcb8d09f061f87b1fd1dc4c01e\"\u003e\u003ccode\u003e56a345d\u003c/code\u003e\u003c/a\u003e ✨ add script to update known hashes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/on-headers/commit/175ab217155d525371a5416ff059f895a3a532a6\"\u003e\u003ccode\u003e175ab21\u003c/code\u003e\u003c/a\u003e 👷 add upstream change detection (\u003ca href=\"https://redirect.github.com/jshttp/on-headers/issues/31\"\u003e#31\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/on-headers/commit/ce0b2c8fcd313d38d3534fb731050dc16e105bf6\"\u003e\u003ccode\u003ece0b2c8\u003c/code\u003e\u003c/a\u003e ci: apply OSSF Scorecard security best practices (\u003ca href=\"https://redirect.github.com/jshttp/on-headers/issues/20\"\u003e#20\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/on-headers/commit/1a38c543e75cd06217b449531de10b1758e35299\"\u003e\u003ccode\u003e1a38c54\u003c/code\u003e\u003c/a\u003e fix: use \u003ccode\u003eubuntu-latest\u003c/code\u003e as ci runner (\u003ca href=\"https://redirect.github.com/jshttp/on-headers/issues/19\"\u003e#19\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/on-headers/compare/v1.0.2...v1.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for on-headers since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.11.0 to 8.21.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.21.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduced the \u003ccode\u003emaxBufferedChunks\u003c/code\u003e and \u003ccode\u003emaxFragments\u003c/code\u003e options (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a remote memory exhaustion DoS vulnerability (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eA high volume of tiny fragments and data chunks could be sent by a peer, using\nmodest network traffic, to crash a \u003ccode\u003ews\u003c/code\u003e server or client due to OOM.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer({ port: 0 }, function () {\nconst data = Buffer.alloc(1);\nconst options = { fin: false };\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e);\u003c/p\u003e\n\u003cp\u003ews.on('open', function () {\n(function send() {\nws.send(data, options, function (err) {\nif (err) return;\nsend();\n});\n})();\n});\u003c/p\u003e\n\u003cp\u003ews.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eclient close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eserver close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe vulnerability was responsibly disclosed and fixed by \u003ca href=\"https://github.com/Nadav0077\"\u003eNadav Magier\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eIn vulnerable versions, the issue can be mitigated by lowering the value of the\n\u003ccode\u003emaxPayload\u003c/code\u003e option if possible.\u003c/p\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/bca91adf15677e47dbe4f959653452727be28b94\"\u003e\u003ccode\u003ebca91ad\u003c/code\u003e\u003c/a\u003e [dist] 8.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/2b2abd458a1b647d0b6033bd62a619c36189839a\"\u003e\u003ccode\u003e2b2abd4\u003c/code\u003e\u003c/a\u003e [security] Limit retained message parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/78eabe2a6677b231bf9c82601bde86ff91639490\"\u003e\u003ccode\u003e78eabe2\u003c/code\u003e\u003c/a\u003e [security] Add latest vulnerability to SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/843925544e2f4cffe445e0179947f56d6c5b608f\"\u003e\u003ccode\u003e8439255\u003c/code\u003e\u003c/a\u003e [dist] 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d3503c1fd36a310985108f62b343bae18346ab67\"\u003e\u003ccode\u003ed3503c1\u003c/code\u003e\u003c/a\u003e [minor] Export the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and header utils\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.11.0...8.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.20.11 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.18.2 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.18.2...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 0.1.7 to 0.1.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.1.13\u003c/h2\u003e\n\u003ch2\u003eImportant\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4867\"\u003eCVE-2026-4867\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-37ch-88jc-xwx2\"\u003eGHSA-37ch-88jc-xwx2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eFix backtracking (again)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImproved backtracking protection for 0.1.x, will break some previously valid paths (see previous advisory: \u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j\"\u003ehttps://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.11...v0.1.12\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.11...v0.1.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eError on bad input\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd error on bad input values  8f09549\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.10...v0.1.11\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.10...v0.1.11\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eBacktrack protection\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to parameters  29b96b4\n\u003cul\u003e\n\u003cli\u003eThis will break some edge cases but should improve performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.9...v0.1.10\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.9...v0.1.10\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eSupport non-lookahead regex output\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow a non-lookahead regex (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/312\"\u003e#312\u003c/a\u003e)  c4272e4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/component/path-to-regexp/compare/v0.1.8...v0.1.9\"\u003ehttps://github.com/component/path-to-regexp/compare/v0.1.8...v0.1.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eSupport named matching groups in \u003ccode\u003eRegExp\u003c/code\u003e\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for named matching groups (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/301\"\u003e#301\u003c/a\u003e)  114f62d\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v0.1.8\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v0.1.8\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/blob/v.0.1.13/History.md\"\u003epath-to-regexp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.1.13 / 2026-03-26\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4867\"\u003eCVE-2026-4867\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-37ch-88jc-xwx2\"\u003eGHSA-37ch-88jc-xwx2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/9fd0c879f232c2464591f56dd7c7edad7f45b4e0\"\u003e\u003ccode\u003e9fd0c87\u003c/code\u003e\u003c/a\u003e 0.1.13 (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/425\"\u003e#425\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/7ccf02cee33402f06ed2125085992ee9cd3a7c45\"\u003e\u003ccode\u003e7ccf02c\u003c/code\u003e\u003c/a\u003e fix: CVE-2026-4867\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/640e694c6fd971f78268439df9cf44040855e669\"\u003e\u003ccode\u003e640e694\u003c/code\u003e\u003c/a\u003e 0.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4\"\u003e\u003ccode\u003ef01c26a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/0c7119248b7cb528a0aea3ba45ed4e2db007cba4\"\u003e\u003ccode\u003e0c71192\u003c/code\u003e\u003c/a\u003e 0.1.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/8f095497d678c2ec3495a99ab3928748731e73ee\"\u003e\u003ccode\u003e8f09549\u003c/code\u003e\u003c/a\u003e Add error on bad input values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c827fcea751b2e9ec6ca68a1b95a82e438728868\"\u003e\u003ccode\u003ec827fce\u003c/code\u003e\u003c/a\u003e 0.1.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f\"\u003e\u003ccode\u003e29b96b4\u003c/code\u003e\u003c/a\u003e Add backtrack protection to parameters\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/ac4c2345622a10a09c7ec229e3c29740935d67d7\"\u003e\u003ccode\u003eac4c234\u003c/code\u003e\u003c/a\u003e Update repo url (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/bdb663527106d51f149b12f74fca1018c20c8a53\"\u003e\u003ccode\u003ebdb6635\u003c/code\u003e\u003c/a\u003e 0.1.9\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v.0.1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for path-to-regexp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.11.0 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] ensure \u003ccode\u003earrayLimit\u003c/code\u003e applies to \u003ccode\u003e[]\u003c/code\u003e notation as well\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: when a custom decoder returns \u003ccode\u003enull\u003c/code\u003e for a key, ignore that key\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: extract key segment splitting helper\u003c/li\u003e\n\u003cli\u003e[meta] add threat model\u003c/li\u003e\n\u003cli\u003e[actions] add workflow permissions\u003c/li\u003e\n\u003cli\u003e[Tests] \u003ccode\u003estringify\u003c/code\u003e: increase coverage\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003efor-each\u003c/code\u003e, \u003ccode\u003eobject-inspect\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003ethrowOnParameterLimitExceeded\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/517\"\u003e#517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: use \u003ccode\u003eutils.combine\u003c/code\u003e more\u003c/li\u003e\n\u003cli\u003e[patch] \u003ccode\u003eparse\u003c/code\u003e: add explicit \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e default\u003c/li\u003e\n\u003cli\u003e[actions] use shared action; re-add finishers\u003c/li\u003e\n\u003cli\u003e[meta] Fix changelog formatting bug\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eside-channel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003ehas-bigints\u003c/code\u003e, \u003ccode\u003ehas-proto\u003c/code\u003e, \u003ccode\u003ehas-symbols\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e...\n\n_Description has been truncated_","html_url":"https://github.com/OneFineStarstuff/livecodes/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/OneFineStarstuff%2Flivecodes/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"},{"uuid":"4636351831","node_id":"PR_kwDOD5lwbM7lHHFv","number":24,"state":"open","title":"Bump cipher-base from 1.0.4 to 1.0.7","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-11T01:20:33.000Z","updated_at":"2026-06-11T01:20:40.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"}],"path":null,"ecosystem":"npm"},"body":"Bumps [cipher-base](https://github.com/crypto-browserify/cipher-base) from 1.0.4 to 1.0.7.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cipher-base\u0026package-manager=npm_and_yarn\u0026previous-version=1.0.4\u0026new-version=1.0.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/geolonia/download.geolonia.com/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/geolonia/download.geolonia.com/pull/24","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/geolonia%2Fdownload.geolonia.com/issues/24","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/24/packages"},{"uuid":"4632678706","node_id":"PR_kwDOQIL6Ks7k7Ec0","number":1,"state":"closed","title":"build(deps): bump the npm_and_yarn group across 1 directory with 16 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-11T01:25:38.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-10T15:34:51.000Z","updated_at":"2026-06-11T01:25:40.000Z","time_to_close":35447,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"npm_and_yarn","update_count":16,"packages":[{"name":"@babel/runtime","old_version":"7.17.8","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"base-x","old_version":"3.0.9","new_version":"3.0.11","repository_url":"https://github.com/cryptocoinjs/base-x"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.15","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"cross-spawn","old_version":"7.0.3","new_version":"7.0.6","repository_url":"https://github.com/moxystudio/node-cross-spawn"},{"name":"follow-redirects","old_version":"1.14.9","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.6","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"protocol-buffers-schema","old_version":"3.6.0","new_version":"3.6.1","repository_url":"https://github.com/mafintosh/protocol-buffers-schema"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar-fs","old_version":"1.16.3","new_version":"1.16.6","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tmp","old_version":"0.2.1","new_version":"0.2.7","repository_url":"https://github.com/raszi/node-tmp"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 16 updates in the /subgraphs/yeti-finance directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.17.8` | `7.29.7` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [base-x](https://github.com/cryptocoinjs/base-x) | `3.0.9` | `3.0.11` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.15` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.9` | `1.16.0` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.6` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [protocol-buffers-schema](https://github.com/mafintosh/protocol-buffers-schema) | `3.6.0` | `3.6.1` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `1.16.3` | `1.16.6` |\n| [tmp](https://github.com/raszi/node-tmp) | `0.2.1` | `0.2.7` |\n\n\nUpdates `@babel/runtime` from 7.17.8 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/runtime's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cac0ff4c3426eed30b4d27e7971b348da7c9f1e6\"\u003e\u003ccode\u003ecac0ff4\u003c/code\u003e\u003c/a\u003e v7.28.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/f68ac511f091f6d1f698e8ce59cd668d3bfc6102\"\u003e\u003ccode\u003ef68ac51\u003c/code\u003e\u003c/a\u003e chore: Avoid CITGM errors (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17382\"\u003e#17382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/baa4cb8b9f8a551d7dae9042b19ea2f74df6b110\"\u003e\u003ccode\u003ebaa4cb8\u003c/code\u003e\u003c/a\u003e v7.27.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/7d069309fdfcedda2928a043f6f7c98135c1242a\"\u003e\u003ccode\u003e7d06930\u003c/code\u003e\u003c/a\u003e v7.27.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/5b9468d9bf1ab4f427241673e9f03593da115a69\"\u003e\u003ccode\u003e5b9468d\u003c/code\u003e\u003c/a\u003e Reduce \u003ccode\u003eregenerator\u003c/code\u003e size more (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17287\"\u003e#17287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-runtime\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/runtime\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.15.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `base-x` from 3.0.9 to 3.0.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/043a888a9bae09bc4b40500e37792e2c6398e9f2\"\u003e\u003ccode\u003e043a888\u003c/code\u003e\u003c/a\u003e 3.0.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/2705dddd2565b455641985974b534291d8defb31\"\u003e\u003ccode\u003e2705ddd\u003c/code\u003e\u003c/a\u003e [backport 3.x] Prohibit char codes that would overflow the \u003ccode\u003eBASE_MAP\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/3d43c0e16bfbc045a0a8bb6423e6e336df81b512\"\u003e\u003ccode\u003e3d43c0e\u003c/code\u003e\u003c/a\u003e 3.0.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/0a3544695fa6800649a8b78ed46cece61bcdbbe5\"\u003e\u003ccode\u003e0a35446\u003c/code\u003e\u003c/a\u003e Improve decoding performance\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cryptocoinjs/base-x/compare/v3.0.9...v3.0.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `braces` from 3.0.2 to 3.0.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/74b2db2938fad48a2ea54a9c8bf27a37a62c350d\"\u003e\u003ccode\u003e74b2db2\u003c/code\u003e\u003c/a\u003e 3.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/88f1429a0f47e1dd3813de35211fc97ffda27f9e\"\u003e\u003ccode\u003e88f1429\u003c/code\u003e\u003c/a\u003e update eslint. lint, fix unit tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff\"\u003e\u003ccode\u003e415d660\u003c/code\u003e\u003c/a\u003e Snyk js braces 6838727 (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/40\"\u003e#40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/190510f79db1adf21d92798b0bb6fccc1f72c9d6\"\u003e\u003ccode\u003e190510f\u003c/code\u003e\u003c/a\u003e fix tests, skip 1 test in test/braces.expand\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/716eb9f12d820b145a831ad678618731927e8856\"\u003e\u003ccode\u003e716eb9f\u003c/code\u003e\u003c/a\u003e readme bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/a5851e57f45c3431a94d83fc565754bc10f5bbc3\"\u003e\u003ccode\u003ea5851e5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/braces/issues/37\"\u003e#37\u003c/a\u003e from coderaiser/fix/vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/2092bd1fb108d2c59bd62e243b70ad98db961538\"\u003e\u003ccode\u003e2092bd1\u003c/code\u003e\u003c/a\u003e feature: braces: add maxSymbols (\u003ca href=\"https://github.com/micromatch/braces/issues/\"\u003ehttps://github.com/micromatch/braces/issues/\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/9f5b4cf47329351bcb64287223ffb6ecc9a5e6d3\"\u003e\u003ccode\u003e9f5b4cf\u003c/code\u003e\u003c/a\u003e fix: vulnerability (\u003ca href=\"https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\"\u003ehttps://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/98414f9f1fabe021736e26836d8306d5de747e0d\"\u003e\u003ccode\u003e98414f9\u003c/code\u003e\u003c/a\u003e remove funding file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/665ab5d561c017a38ba7aafd92cc6655b91d8c14\"\u003e\u003ccode\u003e665ab5d\u003c/code\u003e\u003c/a\u003e update keepEscaping doc (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/27\"\u003e#27\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/braces/compare/3.0.2...3.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cross-spawn` from 7.0.3 to 7.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md\"\u003ecross-spawn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.5...v7.0.6\"\u003e7.0.6\u003c/a\u003e (2024-11-18)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate cross-spawn version to 7.0.5 in package-lock.json (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003ef700743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.4...v7.0.5\"\u003e7.0.5\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix escaping bug introduced by backtracking (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e640d391\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.4\"\u003e7.0.4\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e5ff3a07\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/77cd97f3ca7b62c904a63a698fc4a79bf41977d0\"\u003e\u003ccode\u003e77cd97f\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/6717de49ff1e5de49622488dcb9c33fb25370c85\"\u003e\u003ccode\u003e6717de4\u003c/code\u003e\u003c/a\u003e chore: upgrade standard-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003e\u003ccode\u003ef700743\u003c/code\u003e\u003c/a\u003e fix: update cross-spawn version to 7.0.5 in package-lock.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9a7e3b2165917367f74b8365faad9873b30d7263\"\u003e\u003ccode\u003e9a7e3b2\u003c/code\u003e\u003c/a\u003e chore: fix build status badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/085268352dcbcad8064c64c5efb25268b4023184\"\u003e\u003ccode\u003e0852683\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e\u003ccode\u003e640d391\u003c/code\u003e\u003c/a\u003e fix: fix escaping bug introduced by backtracking\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/bff0c87c8b627c4e6d04ec2449e733048bebb464\"\u003e\u003ccode\u003ebff0c87\u003c/code\u003e\u003c/a\u003e chore: remove codecov\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/a7c6abc6fee79641d45b452fe6217deaa1bd0973\"\u003e\u003ccode\u003ea7c6abc\u003c/code\u003e\u003c/a\u003e chore: replace travis with github workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9b9246e0969e86656d7ccd527716bc3c18842a19\"\u003e\u003ccode\u003e9b9246e\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e\u003ccode\u003e5ff3a07\u003c/code\u003e\u003c/a\u003e fix: disable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.14.9 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.14.9...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pbkdf2` from 3.1.2 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md\"\u003epbkdf2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.5...v3.1.6\"\u003ev3.1.6\u003c/a\u003e - 2026-05-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[New] add TypeScript type declarations \u003ca href=\"https://github.com/browserify/pbkdf2/commit/fb1f74746f8f1ab171d7d43ede48eeca9e694ce3\"\u003e\u003ccode\u003efb1f747\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] coerce \u003ccode\u003e-0\u003c/code\u003e keylen to \u003ccode\u003e+0\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7c4a4959142269cbfae8b1448e3a5848b84ac2f4\"\u003e\u003ccode\u003e7c4a495\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3cce1691f5021a70673ecb8833f729c1840cd38\"\u003e\u003ccode\u003ee3cce16\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix an error \u003ca href=\"https://github.com/browserify/pbkdf2/commit/f6b0e424257980e3331da18bd7d1ed3232d17afd\"\u003e\u003ccode\u003ef6b0e42\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix \u003ccode\u003enpm run postlint\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/b729629ca1ced08e42ecd5419a7971f20307ebb5\"\u003e\u003ccode\u003eb729629\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/5e0cf517d1124dd42df315b0cc5cc6219426350b\"\u003e\u003ccode\u003e5e0cf51\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/1c3b1f526b052a29b3b42120c9821895772df7e8\"\u003e\u003ccode\u003e1c3b1f5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge \u003ca href=\"https://github.com/browserify/pbkdf2/commit/528bd3861dda05e2d7e1ef7cbb724baca43766e3\"\u003e\u003ccode\u003e528bd38\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.4...v3.1.5\"\u003ev3.1.5\u003c/a\u003e - 2025-09-23\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] only allow finite iterations \u003ca href=\"https://github.com/browserify/pbkdf2/commit/67bd94dbbf21b93f5e282ee910728945c8ef2827\"\u003e\u003ccode\u003e67bd94d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] restore node 0.10 support \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8f59d962f71dcb2cc14067d7f514ff96e3406f81\"\u003e\u003ccode\u003e8f59d96\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] check parameters before the \u0026quot;no Promise\u0026quot; bailout \u003ca href=\"https://github.com/browserify/pbkdf2/commit/d2dc5f052cacadf3d4a09d87164158da875ca740\"\u003e\u003ccode\u003ed2dc5f0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.3...v3.1.4\"\u003ev3.1.4\u003c/a\u003e - 2025-09-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ecreate-hash\u003c/code\u003e, \u003ccode\u003eripemd160\u003c/code\u003e, \u003ccode\u003esha.js\u003c/code\u003e, \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8dbf49b38235066c565a92eaf3722720a1333a2d\"\u003e\u003ccode\u003e8dbf49b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] update repo URLs \u003ca href=\"https://github.com/browserify/pbkdf2/commit/d15bc351de0edbed394d2a6189176960aaa0d050\"\u003e\u003ccode\u003ed15bc35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/aaf870b1d1855e6a381af05021f304294a79f7c9\"\u003e\u003ccode\u003eaaf870b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.2...v3.1.3\"\u003ev3.1.3\u003c/a\u003e - 2025-06-20\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8b067308eedcc3b7da3e06202d437ff532de75bd\"\u003e\u003ccode\u003e8b06730\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix whitespace \u003ca href=\"https://github.com/browserify/pbkdf2/commit/9a76e2f37ef4541aeff92d97b7335b7fa6e989a8\"\u003e\u003ccode\u003e9a76e2f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix parens/curlies/semis/etc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/6fd84bf64a423d207d9e665f3e9fd88b148c4480\"\u003e\u003ccode\u003e6fd84bf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/796c38d428ed9546e7ddfbb38322faa99921d716\"\u003e\u003ccode\u003e796c38d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node 17 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/3661fb0156177bfe380c7bcc133917e7ee501bc7\"\u003e\u003ccode\u003e3661fb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;[Tests] fix tests in node \u0026lt; 3\u0026quot; \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7431b5766805cbf880c1b3d0f38d484357844ff7\"\u003e\u003ccode\u003e7431b57\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node \u0026lt; 3 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/eb9f97a66ed83836bebc4ff563a1588248708501\"\u003e\u003ccode\u003eeb9f97a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] ensure unknown algorithms throw + known ones match node \u003ca href=\"https://github.com/browserify/pbkdf2/commit/26d4fd391e00ed806840ea1ef7341937985f4ba8\"\u003e\u003ccode\u003e26d4fd3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add GHA, always run nyc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/513906a735e80a0e125e1a3363c5dbe90bb34bb7\"\u003e\u003ccode\u003e513906a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix a few more rules \u003ca href=\"https://github.com/browserify/pbkdf2/commit/ab04da834a0342cb3779486314fa67ebc1e3f035\"\u003e\u003ccode\u003eab04da8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] switch to eslint \u003ca href=\"https://github.com/browserify/pbkdf2/commit/89694cf7e4062a8c924fbe74ad2b2d3cf78f1715\"\u003e\u003ccode\u003e89694cf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add coverage \u003ca href=\"https://github.com/browserify/pbkdf2/commit/d0d534bfdc4db6d6ea9f719606ad18a78db6c124\"\u003e\u003ccode\u003ed0d534b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb\"\u003e\u003ccode\u003ee3102a8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] improve badges \u003ca href=\"https://github.com/browserify/pbkdf2/commit/fca0c9d4c5b053d911315a3607367d1db9f9f605\"\u003e\u003ccode\u003efca0c9d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] remove unused travis file \u003ca href=\"https://github.com/browserify/pbkdf2/commit/a2c7d93bbcad73c49dad0c18fef6b8a4af8c3310\"\u003e\u003ccode\u003ea2c7d93\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] switch from \u003ccode\u003efiles\u003c/code\u003e to \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7f31fbca528fa5af3b7d3910daf09a7e5ed8adb4\"\u003e\u003ccode\u003e7f31fbc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] use .nycrc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8d628e8d5559b4acd4d4a714afb04a2990f901b7\"\u003e\u003ccode\u003e8d628e8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/ea4768bd09be327904b4ac075d9328c7c7ee2404\"\u003e\u003ccode\u003eea4768b\u003c/code\u003e\u003c/a\u003e v3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/b729629ca1ced08e42ecd5419a7971f20307ebb5\"\u003e\u003ccode\u003eb729629\u003c/code\u003e\u003c/a\u003e [Tests] fix \u003ccode\u003enpm run postlint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/7c4a4959142269cbfae8b1448e3a5848b84ac2f4\"\u003e\u003ccode\u003e7c4a495\u003c/code\u003e\u003c/a\u003e [Fix] coerce \u003ccode\u003e-0\u003c/code\u003e keylen to \u003ccode\u003e+0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/5e0cf517d1124dd42df315b0cc5cc6219426350b\"\u003e\u003ccode\u003e5e0cf51\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/1c3b1f526b052a29b3b42120c9821895772df7e8\"\u003e\u003ccode\u003e1c3b1f5\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3cce1691f5021a70673ecb8833f729c1840cd38\"\u003e\u003ccode\u003ee3cce16\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/f6b0e424257980e3331da18bd7d1ed3232d17afd\"\u003e\u003ccode\u003ef6b0e42\u003c/code\u003e\u003c/a\u003e [eslint] fix an error\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/fb1f74746f8f1ab171d7d43ede48eeca9e694ce3\"\u003e\u003ccode\u003efb1f747\u003c/code\u003e\u003c/a\u003e [New] add TypeScript type declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/528bd3861dda05e2d7e1ef7cbb724baca43766e3\"\u003e\u003ccode\u003e528bd38\u003c/code\u003e\u003c/a\u003e [readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/36879052911703147a6dfa5e97422126bf3cda5b\"\u003e\u003ccode\u003e3687905\u003c/code\u003e\u003c/a\u003e v3.1.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.2...v3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for pbkdf2 since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protocol-buffers-schema` from 3.6.0 to 3.6.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/protocol-buffers-schema/commit/46c34bd3199aa1e32374a1af59d02413b9ea197a\"\u003e\u003ccode\u003e46c34bd\u003c/code\u003e\u003c/a\u003e 3.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/protocol-buffers-schema/commit/2351031dd6f1d58930b8e46548e91b1e96f7c20c\"\u003e\u003ccode\u003e2351031\u003c/code\u003e\u003c/a\u003e Fixed parse.js to prevent Prototype Pollution (\u003ca href=\"https://redirect.github.com/mafintosh/protocol-buffers-schema/issues/70\"\u003e#70\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mafintosh/protocol-buffers-schema/compare/v3.6.0...v3.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sha.js` from 2.4.11 to 2.4.12\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/sha.js/blob/master/CHANGELOG.md\"\u003esha.js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/sha.js/compare/v2.4.11...v2.4.12\"\u003ev2.4.12\u003c/a\u003e - 2025-07-01\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] switch to eslint \u003ca href=\"https://github.com/browserify/sha.js/commit/7acadfbd3abb558880212b20669fcb09e1aa1c58\"\u003e\u003ccode\u003e7acadfb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/b46e7116ebeaa82f34bbf2d7494fff7ef46eab3e\"\u003e\u003ccode\u003eb46e711\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix package.json indentation \u003ca href=\"https://github.com/browserify/sha.js/commit/df9d521e16ddf55dc877c43c05706d43c057fad4\"\u003e\u003ccode\u003edf9d521\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/sha.js/commit/c43c64adc6d3607d470538df72338fc02e63bc24\"\u003e\u003ccode\u003ec43c64a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] support multi-byte wide typed arrays \u003ca href=\"https://github.com/browserify/sha.js/commit/f2a258e9f2d0fcd113bfbaa49706e1ac0d979ba5\"\u003e\u003ccode\u003ef2a258e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] reorder package.json \u003ca href=\"https://github.com/browserify/sha.js/commit/d8d77c0a729c99593e304047f9d4335b498fd9ed\"\u003e\u003ccode\u003ed8d77c0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/35aec35c667b606b2495be3e4186bbe977b9e087\"\u003e\u003ccode\u003e35aec35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] avoid console logs \u003ca href=\"https://github.com/browserify/sha.js/commit/73e33ae0ca6bca232627cac7473028e1d218f67e\"\u003e\u003ccode\u003e73e33ae\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests run in batch \u003ca href=\"https://github.com/browserify/sha.js/commit/262913006e94616c8cd245ef6bd61bc4410b29e3\"\u003e\u003ccode\u003e2629130\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] drop node requirement to 0.10 \u003ca href=\"https://github.com/browserify/sha.js/commit/00c7f234aa3bdbd427ffeb929bacbb05334eb3e9\"\u003e\u003ccode\u003e00c7f23\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ebuffer\u003c/code\u003e, \u003ccode\u003ehash-test-vectors\u003c/code\u003e, \u003ccode\u003estandard\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypedarray\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/92b5de5f67472d9f18413d38ad5b9aba29ff4c22\"\u003e\u003ccode\u003e92b5de5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] drop node requirement to v3 \u003ca href=\"https://github.com/browserify/sha.js/commit/9b5eca80fd9bb21cf05bdf43ce42661f1bbafeaa\"\u003e\u003ccode\u003e9b5eca8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] set engines to \u003ccode\u003e\u0026amp;gt;= 4\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/807084c5c0f943459e89838252cafbd175b549b7\"\u003e\u003ccode\u003e807084c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/sha.js/commit/c72789c7a129cf453d44008ba27a88b90ac7989b\"\u003e\u003ccode\u003ec72789c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/5428cfc6f7177ad1a41c837b9387308848db96de\"\u003e\u003ccode\u003e5428cfc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/2dbe0aab419e90add5032c70c9663b8fc562adb8\"\u003e\u003ccode\u003e2dbe0aa\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate README to reflect LICENSE \u003ca href=\"https://github.com/browserify/sha.js/commit/8938256dbb2241a7c749e4a399dbaff48cbe8e95\"\u003e\u003ccode\u003e8938256\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/sha.js/commit/d52889688ce524e63570f35e448635a29e6dd791\"\u003e\u003ccode\u003ed528896\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused \u003ccode\u003ebuffer\u003c/code\u003e dep \u003ca href=\"https://github.com/browserify/sha.js/commit/94ca7247f467ef045f41d534708bf7c700e03828\"\u003e\u003ccode\u003e94ca724\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/eb4ea2fd3da93d41e250f9ac8a1a133ce450e0a2\"\u003e\u003ccode\u003eeb4ea2f\u003c/code\u003e\u003c/a\u003e v2.4.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/d8d77c0a729c99593e304047f9d4335b498fd9ed\"\u003e\u003ccode\u003ed8d77c0\u003c/code\u003e\u003c/a\u003e [meta] reorder package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/df9d521e16ddf55dc877c43c05706d43c057fad4\"\u003e\u003ccode\u003edf9d521\u003c/code\u003e\u003c/a\u003e [eslint] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/35aec35c667b606b2495be3e4186bbe977b9e087\"\u003e\u003ccode\u003e35aec35\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/d52889688ce524e63570f35e448635a29e6dd791\"\u003e\u003ccode\u003ed528896\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing peer dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/b46e7116ebeaa82f34bbf2d7494fff7ef46eab3e\"\u003e\u003ccode\u003eb46e711\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/94ca7247f467ef045f41d534708bf7c700e03828\"\u003e\u003ccode\u003e94ca724\u003c/code\u003e\u003c/a\u003e [Dev Deps] remove unused \u003ccode\u003ebuffer\u003c/code\u003e dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/2dbe0aab419e90add5032c70c9663b8fc562adb8\"\u003e\u003ccode\u003e2dbe0aa\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/73e33ae0ca6bca232627cac7473028e1d218f67e\"\u003e\u003ccode\u003e73e33ae\u003c/code\u003e\u003c/a\u003e [Tests] avoid console logs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/f2a258e9f2d0fcd113bfbaa49706e1ac0d979ba5\"\u003e\u003ccode\u003ef2a258e\u003c/code\u003e\u003c/a\u003e [Fix] support multi-byte wide typed arrays\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/sha.js/compare/v2.4.11...v2.4.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for sha.js since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar-fs` from 1.16.3 to 1.16.6\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/6c89b946d0f0043f94a7deb8820f7c3922bc2568\"\u003e\u003ccode\u003e6c89b94\u003c/code\u003e\u003c/a\u003e 1.16.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/4884466fee755d3e462ea9390748a1bf802cdfde\"\u003e\u003ccode\u003e4884466\u003c/code\u003e\u003c/a\u003e refactor to same pattern as v3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/3c6eddb6008d14f4ca83a439dd432263d29ecb0f\"\u003e\u003ccode\u003e3c6eddb\u003c/code\u003e\u003c/a\u003e 1.16.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/c5e7d961a50aaa9614fba3019516227756ea63b6\"\u003e\u003ccode\u003ec5e7d96\u003c/code\u003e\u003c/a\u003e hardlink tweak from main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/ff6510d7ba63b6ee200442b80f4326f369e7d4bd\"\u003e\u003ccode\u003eff6510d\u003c/code\u003e\u003c/a\u003e 1.16.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/df4bca54402e1f03bcbee0bb8ccbe3c4ca84636e\"\u003e\u003ccode\u003edf4bca5\u003c/code\u003e\u003c/a\u003e port fix from main\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mafintosh/tar-fs/compare/v1.16.3...v1.16.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tmp` from 0.2.1 to 0.2.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/raszi/node-tmp/blob/master/CHANGELOG.md\"\u003etmp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.2.2 (2024-02-28)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/raszi/node-tmp/pull/278\"\u003e#278\u003c/a\u003e Closes \u003ca href=\"https://redirect.github.com/raszi/node-tmp/issues/268\"\u003e#268\u003c/a\u003e: Revert \u0026quot;fix \u003ca href=\"https://redirect.github.com/raszi/node-tmp/issues/246\"\u003e#246\u003c/a\u003e: remove any double quotes or single quotes… (\u003ca href=\"https://github.com/mbargiel\"\u003e\u003ccode\u003e@​mbargiel\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:memo: Documentation\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/raszi/node-tmp/pull/279\"\u003e#279\u003c/a\u003e Closes \u003ca href=\"https://redirect.github.com/raszi/node-tmp/issues/266\"\u003e#266\u003c/a\u003e: move paragraph on graceful cleanup to the head of the documentation (\u003ca href=\"https://github.com/silkentrance\"\u003e\u003ccode\u003e@​silkentrance\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 5\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCarsten Klein (\u003ca href=\"https://github.com/silkentrance\"\u003e\u003ccode\u003e@​silkentrance\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDave Nicolson (\u003ca href=\"https://github.com/dnicolson\"\u003e\u003ccode\u003e@​dnicolson\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eKARASZI István (\u003ca href=\"https://github.com/raszi\"\u003e\u003ccode\u003e@​raszi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMaxime Bargiel (\u003ca href=\"https://github.com/mbargiel\"\u003e\u003ccode\u003e@​mbargiel\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robertoaceves\"\u003e\u003ccode\u003e@​robertoaceves\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/8ea1f37d75c67569e0f151448330d52f7babf211\"\u003e\u003ccode\u003e8ea1f37\u003c/code\u003e\u003c/a\u003e Bump up the version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/8f24f788a356b5d45c9bec894632bd4931338153\"\u003e\u003ccode\u003e8f24f78\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/ce787f37aaacccad921ae90990c9da33481fe59c\"\u003e\u003ccode\u003ece787f3\u003c/code\u003e\u003c/a\u003e Reject non-string prefix, postfix, template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/41f71598d03f104a67e0448a7cb9bd4efcdd5980\"\u003e\u003ccode\u003e41f7159\u003c/code\u003e\u003c/a\u003e Bump up the version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/efa4a06f24374797ae32ab2b6ae39b7a611ae429\"\u003e\u003ccode\u003eefa4a06\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/7ef2728ce0211b8110b2033dfe62eaf030341acf\"\u003e\u003ccode\u003e7ef2728\u003c/code\u003e\u003c/a\u003e Check for relative values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/3d2fe387f3f91b13830b9182faa02c3231ea8258\"\u003e\u003ccode\u003e3d2fe38\u003c/code\u003e\u003c/a\u003e Bump up the version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/e16282879e5d0554fe824e1ab3df724847e91183\"\u003e\u003ccode\u003ee162828\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/raszi/node-tmp/issues/309\"\u003e#309\u003c/a\u003e from fflorent/fix-tmp-dir-with-dir\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/b847d2f1a42b625c26149f4a2029ed00a1edf90b\"\u003e\u003ccode\u003eb847d2f\u003c/code\u003e\u003c/a\u003e Fix use of tmp.dir() with \u003ccode\u003edir\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/08fa3abac32b621506512724b28b56b9c4a95846\"\u003e\u003ccode\u003e08fa3ab\u003c/code\u003e\u003c/a\u003e Update version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/raszi/node-tmp/compare/v0.2.1...v0.2.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Domimueller85/subgraphs/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Domimueller85/subgraphs/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Domimueller85%2Fsubgraphs/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4629390269","node_id":"PR_kwDOCMNac87kwRo8","number":1,"state":"closed","title":"Bump the npm_and_yarn group across 2 directories with 20 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-06-13T05:10:58.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-10T08:22:57.000Z","updated_at":"2026-06-13T05:11:00.000Z","time_to_close":247681,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":20,"packages":[{"name":"axios","old_version":"0.18.0","new_version":"0.32.0","repository_url":"https://github.com/axios/axios"},{"name":"qs","old_version":"6.5.2","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"},{"name":"lodash","old_version":"4.17.10","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"uuid","old_version":"3.3.2","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"webpack-dev-server","old_version":"3.1.4","new_version":"5.2.4","repository_url":"https://github.com/webpack/webpack-dev-server"},{"name":"minimatch","old_version":"3.0.4","new_version":"3.1.4","repository_url":"https://github.com/isaacs/minimatch"},{"name":"csvtojson","old_version":"1.1.12","new_version":"2.0.13","repository_url":"https://github.com/Keyang/node-csvtojson"},{"name":"sanitize-html","old_version":"1.18.2","new_version":"2.0.0","repository_url":"https://github.com/apostrophecms/apostrophe"},{"name":"js-yaml","old_version":"3.11.0","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"bn.js","old_version":"4.11.8","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"handlebars","old_version":"4.0.11","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"jws","old_version":"3.1.5","new_version":"3.2.3","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"min-document","old_version":"2.19.0","new_version":"2.19.2","repository_url":"https://github.com/Raynos/min-document"},{"name":"node-forge","old_version":"0.7.5","new_version":"0.7.6","repository_url":"https://github.com/digitalbazaar/forge"},{"name":"serialize-javascript","old_version":"1.5.0","new_version":"1.9.1","repository_url":"https://github.com/yahoo/serialize-javascript"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar-fs","old_version":"1.16.3","new_version":"1.16.6","repository_url":"https://github.com/mafintosh/tar-fs"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 2 updates in the /infrastructure/functions/onGithubWebhook directory: [axios](https://github.com/axios/axios) and [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 18 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.18.0` | `0.32.0` |\n| [qs](https://github.com/ljharb/qs) | `6.5.2` | `6.15.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.10` | `4.18.1` |\n| [uuid](https://github.com/uuidjs/uuid) | `3.3.2` | `14.0.0` |\n| [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `3.1.4` | `5.2.4` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.4` |\n| [csvtojson](https://github.com/Keyang/node-csvtojson) | `1.1.12` | `2.0.13` |\n| [sanitize-html](https://github.com/apostrophecms/apostrophe/tree/HEAD/packages/sanitize-html) | `1.18.2` | `2.0.0` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.11.0` | `3.14.2` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.11.8` | `4.12.3` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.0.11` | `4.7.9` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.1.5` | `3.2.3` |\n| [min-document](https://github.com/Raynos/min-document) | `2.19.0` | `2.19.2` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `0.7.5` | `0.7.6` |\n| [serialize-javascript](https://github.com/yahoo/serialize-javascript) | `1.5.0` | `1.9.1` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `1.16.3` | `1.16.6` |\n\n\nUpdates `axios` from 0.17.0 to 0.32.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.32.0 — May 4, 2026\u003c/h2\u003e\n\u003cp\u003eThis release backports a comprehensive set of security and hardening fixes from the v1.x branch into v0.x, covering prototype-pollution protections, default error redaction, stricter proxy/cookie/socket handling, and one breaking change to merged config and header object prototypes.\u003c/p\u003e\n\u003ch2\u003e⚠️ Breaking Changes \u0026amp; Deprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNull-prototype merged objects: mergeConfig and header merging now return objects with a null prototype to block prototype-pollution gadgets. Consumers must use Object.prototype.hasOwnProperty.call(obj, key) and avoid implicit string coercion against merged config or header objects. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefault error redaction: AxiosError.toJSON() now redacts sensitive keys by default to prevent credential leaks in logs. The behavior is configurable via config.redact, with defaults exposed on defaults.redact. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCookie \u0026amp; XSRF handling: Cookie names are read literally rather than via regex, and only own properties are respected when evaluating withXSRFToken. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProxy bypass IPv6 parity: NO_PROXY matching now handles canonical IPv4-mapped IPv6 forms such as ::ffff:127.0.0.1 and ::ffff:7f00:1. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNode http adapter hardening: Strips Proxy-Authorization when no proxy is in use and gates socketPath behind a new allowedSocketPaths allowlist (string or array, normalized) to reduce accidental Unix socket exposure. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBrowser xhr adapter: Stricter own-property checks when reading config and headers. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eURL parameters: AxiosURLSearchParams keeps %00 encoded and applies consistent encoding throughout. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePublic type surface: Adds formDataHeaderPolicy, redact, and allowedSocketPaths to the TypeScript declarations alongside their runtime defaults. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepo hygiene: Updates README.md and CHANGELOG.md, adds AGENTS.md, and refreshes the issue and PR templates. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.31.1...v0.32.0\"\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.31.1\u003c/h2\u003e\n\u003cp\u003eThis release backports a broad set of security hardenings from the v1 line — covering prototype-pollution defences, stream size enforcement, XSRF handling, URL null-byte encoding, and bounded FormData recursion — and drops committed \u003ccode\u003edist/\u003c/code\u003e artefacts along with Bower support.\u003c/p\u003e\n\u003ch2\u003e⚠️ Breaking Changes \u0026amp; Deprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBower \u0026amp; Committed \u003ccode\u003edist/\u003c/code\u003e Removed:\u003c/strong\u003e \u003ccode\u003edist/\u003c/code\u003e bundles are no longer committed to the repo, and \u003ccode\u003ebower.json\u003c/code\u003e plus the Grunt \u003ccode\u003epackage2bower\u003c/code\u003e task have been removed. CI still builds bundles before publish, so npm/yarn/pnpm consumers are unaffected; installs via Bower or directly from the git tree must migrate to npm or a CDN. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Header Merge (GHSA-6chq-wfr3-2hj9):\u003c/strong\u003e Tightened \u003ccode\u003eisFormData\u003c/code\u003e to reject plain/null-prototype objects and require \u003ccode\u003eappend\u003c/code\u003e, and guarded the Node HTTP adapter so \u003ccode\u003edata.getHeaders()\u003c/code\u003e is only merged when it is not inherited from \u003ccode\u003eObject.prototype\u003c/code\u003e. Blocks injected headers via polluted \u003ccode\u003egetHeaders\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Config Merging (GHSA-pf86-5x62-jrwf):\u003c/strong\u003e \u003ccode\u003emergeConfig\u003c/code\u003e, defaults resolution, and the HTTP adapter now uses own-property checks for \u003ccode\u003etransport\u003c/code\u003e, \u003ccode\u003eenv\u003c/code\u003e, \u003ccode\u003eBlob\u003c/code\u003e, \u003ccode\u003eformSerializer\u003c/code\u003e, and transforms arrays, and merged configs are returned as null-prototype objects. Prevents hijacking of the request flow through polluted prototypes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFormData / Params Recursion DoS:\u003c/strong\u003e Added a configurable \u003ccode\u003emaxDepth\u003c/code\u003e (default \u003ccode\u003e100\u003c/code\u003e, \u003ccode\u003eInfinity\u003c/code\u003e disables) to \u003ccode\u003etoFormData\u003c/code\u003e and params serialisation, throwing \u003ccode\u003eAxiosError\u003c/code\u003e with code \u003ccode\u003eERR_FORM_DATA_DEPTH_EXCEEDED\u003c/code\u003e when exceeded. Circular-reference detection is preserved. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eNull-Byte Injection in Query Strings:\u003c/strong\u003e Removed the unsafe \u003ccode\u003e%00\u003c/code\u003e → null-byte substitution from \u003ccode\u003eAxiosURLSearchParams.encode\u003c/code\u003e so \u003ccode\u003e%00\u003c/code\u003e is preserved as-is. Other encoding behaviour (including \u003ccode\u003e%20\u003c/code\u003e → \u003ccode\u003e+\u003c/code\u003e) unchanged. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eConsolidated v1 Security Backport:\u003c/strong\u003e Rolls up remaining v1 hardenings into \u003ccode\u003ev0.x\u003c/code\u003e: \u003ccode\u003emaxContentLength\u003c/code\u003e enforcement for \u003ccode\u003eresponseType: 'stream'\u003c/code\u003e via a guarded transform with deferred piping, \u003ccode\u003emaxBodyLength\u003c/code\u003e enforcement for streamed uploads on native \u003ccode\u003ehttp\u003c/code\u003e/\u003ccode\u003ehttps\u003c/code\u003e with \u003ccode\u003emaxRedirects: 0\u003c/code\u003e, and stricter \u003ccode\u003ewithXSRFToken\u003c/code\u003e handling so only own boolean \u003ccode\u003etrue\u003c/code\u003e enables cross-origin XSRF headers. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCODEOWNERS:\u003c/strong\u003e Added \u003ccode\u003e.github/CODEOWNERS\u003c/code\u003e with \u003ccode\u003e* @jasonsaayman\u003c/code\u003e to set a default reviewer for all paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.31.0...v0.31.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.31.0\u003c/h2\u003e\n\u003cp\u003eThis release backports security fixes from v1.x, hardens the CI/CD supply chain with OIDC publishing and \u003ccode\u003ezizmor\u003c/code\u003e scanning, resolves TypeScript typing issues in \u003ccode\u003eAxiosInstance\u003c/code\u003e, and fixes a performance regression in \u003ccode\u003eisEmptyObject()\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/8db2d44896849a21ed9721185b1034df24e1ba7b\"\u003e\u003ccode\u003e8db2d44\u003c/code\u003e\u003c/a\u003e chore: bump version to v0.32.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10840\"\u003e#10840\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2af6116a957b1dd1b32056181326da8a5540d3bc\"\u003e\u003ccode\u003e2af6116\u003c/code\u003e\u003c/a\u003e chore: backport fixes from the v1x branch (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a589dc525af12e0fabef7d6e5be028ad433eee31\"\u003e\u003ccode\u003ea589dc5\u003c/code\u003e\u003c/a\u003e chore: bump version to v0.31.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10766\"\u003e#10766\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b0c632f36a5ea2e73c9bdf3a54164a8ede925736\"\u003e\u003ccode\u003eb0c632f\u003c/code\u003e\u003c/a\u003e fix: backport security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b52187f4571b6b8663fed5904e3082ab30660364\"\u003e\u003ccode\u003eb52187f\u003c/code\u003e\u003c/a\u003e fix: harden config merging (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e3ddeb40f6a142a234925341151e2ca631a6de64\"\u003e\u003ccode\u003ee3ddeb4\u003c/code\u003e\u003c/a\u003e fix: header security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f4f2d76e25cc0f777e5416e2d76282ab873ef9dc\"\u003e\u003ccode\u003ef4f2d76\u003c/code\u003e\u003c/a\u003e chore: stop committing dist/ and remove bower (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1f2f64433e5be205d74471c78c2721909282b9c0\"\u003e\u003ccode\u003e1f2f644\u003c/code\u003e\u003c/a\u003e chore: add CODEOWNERS (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44bca902e1bdd7dd6490c7b4985b63e729b0e634\"\u003e\u003ccode\u003e44bca90\u003c/code\u003e\u003c/a\u003e fix: improve regex in AxiosURLSearchParams (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4c4f07fabdb005f5430bab797f12b55e2ed5fb33\"\u003e\u003ccode\u003e4c4f07f\u003c/code\u003e\u003c/a\u003e fix: form data recursion (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.17.0...v0.32.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.2.5 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.2.5...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.5.1 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] ensure \u003ccode\u003earrayLimit\u003c/code\u003e applies to \u003ccode\u003e[]\u003c/code\u003e notation as well\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: when a custom decoder returns \u003ccode\u003enull\u003c/code\u003e for a key, ignore that key\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: extract key segment splitting helper\u003c/li\u003e\n\u003cli\u003e[meta] add threat model\u003c/li\u003e\n\u003cli\u003e[actions] add workflow permissions\u003c/li\u003e\n\u003cli\u003e[Tests] \u003ccode\u003estringify\u003c/code\u003e: increase coverage\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003efor-each\u003c/code\u003e, \u003ccode\u003eobject-inspect\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003ethrowOnParameterLimitExceeded\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/517\"\u003e#517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: use \u003ccode\u003eutils.combine\u003c/code\u003e more\u003c/li\u003e\n\u003cli\u003e[patch] \u003ccode\u003eparse\u003c/code\u003e: add explicit \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e default\u003c/li\u003e\n\u003cli\u003e[actions] use shared action; re-add finishers\u003c/li\u003e\n\u003cli\u003e[meta] Fix changelog formatting bug\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eside-channel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003ehas-bigints\u003c/code\u003e, \u003ccode\u003ehas-proto\u003c/code\u003e, \u003ccode\u003ehas-symbols\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8\"\u003e\u003ccode\u003e9aca407\u003c/code\u003e\u003c/a\u003e v6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992\"\u003e\u003ccode\u003e5e33d33\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41\"\u003e\u003ccode\u003e21f80b3\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + `e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c\"\u003e\u003ccode\u003ea0a81ea\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8\"\u003e\u003ccode\u003ee3062f7\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0\"\u003e\u003ccode\u003e0c180a4\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656\"\u003e\u003ccode\u003e3a8b94a\u003c/code\u003e\u003c/a\u003e [Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d\"\u003e\u003ccode\u003e96755ab\u003c/code\u003e\u003c/a\u003e [readme] fix grammar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6\"\u003e\u003ccode\u003ea419ce5\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170\"\u003e\u003ccode\u003e3f5e1c5\u003c/code\u003e\u003c/a\u003e v6.15.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.5.1...v6.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 0.18.0 to 0.32.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.32.0 — May 4, 2026\u003c/h2\u003e\n\u003cp\u003eThis release backports a comprehensive set of security and hardening fixes from the v1.x branch into v0.x, covering prototype-pollution protections, default error redaction, stricter proxy/cookie/socket handling, and one breaking change to merged config and header object prototypes.\u003c/p\u003e\n\u003ch2\u003e⚠️ Breaking Changes \u0026amp; Deprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNull-prototype merged objects: mergeConfig and header merging now return objects with a null prototype to block prototype-pollution gadgets. Consumers must use Object.prototype.hasOwnProperty.call(obj, key) and avoid implicit string coercion against merged config or header objects. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefault error redaction: AxiosError.toJSON() now redacts sensitive keys by default to prevent credential leaks in logs. The behavior is configurable via config.redact, with defaults exposed on defaults.redact. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCookie \u0026amp; XSRF handling: Cookie names are read literally rather than via regex, and only own properties are respected when evaluating withXSRFToken. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProxy bypass IPv6 parity: NO_PROXY matching now handles canonical IPv4-mapped IPv6 forms such as ::ffff:127.0.0.1 and ::ffff:7f00:1. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNode http adapter hardening: Strips Proxy-Authorization when no proxy is in use and gates socketPath behind a new allowedSocketPaths allowlist (string or array, normalized) to reduce accidental Unix socket exposure. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBrowser xhr adapter: Stricter own-property checks when reading config and headers. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eURL parameters: AxiosURLSearchParams keeps %00 encoded and applies consistent encoding throughout. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePublic type surface: Adds formDataHeaderPolicy, redact, and allowedSocketPaths to the TypeScript declarations alongside their runtime defaults. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepo hygiene: Updates README.md and CHANGELOG.md, adds AGENTS.md, and refreshes the issue and PR templates. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.31.1...v0.32.0\"\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.31.1\u003c/h2\u003e\n\u003cp\u003eThis release backports a broad set of security hardenings from the v1 line — covering prototype-pollution defences, stream size enforcement, XSRF handling, URL null-byte encoding, and bounded FormData recursion — and drops committed \u003ccode\u003edist/\u003c/code\u003e artefacts along with Bower support.\u003c/p\u003e\n\u003ch2\u003e⚠️ Breaking Changes \u0026amp; Deprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBower \u0026amp; Committed \u003ccode\u003edist/\u003c/code\u003e Removed:\u003c/strong\u003e \u003ccode\u003edist/\u003c/code\u003e bundles are no longer committed to the repo, and \u003ccode\u003ebower.json\u003c/code\u003e plus the Grunt \u003ccode\u003epackage2bower\u003c/code\u003e task have been removed. CI still builds bundles before publish, so npm/yarn/pnpm consumers are unaffected; installs via Bower or directly from the git tree must migrate to npm or a CDN. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Header Merge (GHSA-6chq-wfr3-2hj9):\u003c/strong\u003e Tightened \u003ccode\u003eisFormData\u003c/code\u003e to reject plain/null-prototype objects and require \u003ccode\u003eappend\u003c/code\u003e, and guarded the Node HTTP adapter so \u003ccode\u003edata.getHeaders()\u003c/code\u003e is only merged when it is not inherited from \u003ccode\u003eObject.prototype\u003c/code\u003e. Blocks injected headers via polluted \u003ccode\u003egetHeaders\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Config Merging (GHSA-pf86-5x62-jrwf):\u003c/strong\u003e \u003ccode\u003emergeConfig\u003c/code\u003e, defaults resolution, and the HTTP adapter now uses own-property checks for \u003ccode\u003etransport\u003c/code\u003e, \u003ccode\u003eenv\u003c/code\u003e, \u003ccode\u003eBlob\u003c/code\u003e, \u003ccode\u003eformSerializer\u003c/code\u003e, and transforms arrays, and merged configs are returned as null-prototype objects. Prevents hijacking of the request flow through polluted prototypes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFormData / Params Recursion DoS:\u003c/strong\u003e Added a configurable \u003ccode\u003emaxDepth\u003c/code\u003e (default \u003ccode\u003e100\u003c/code\u003e, \u003ccode\u003eInfinity\u003c/code\u003e disables) to \u003ccode\u003etoFormData\u003c/code\u003e and params serialisation, throwing \u003ccode\u003eAxiosError\u003c/code\u003e with code \u003ccode\u003eERR_FORM_DATA_DEPTH_EXCEEDED\u003c/code\u003e when exceeded. Circular-reference detection is preserved. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eNull-Byte Injection in Query Strings:\u003c/strong\u003e Removed the unsafe \u003ccode\u003e%00\u003c/code\u003e → null-byte substitution from \u003ccode\u003eAxiosURLSearchParams.encode\u003c/code\u003e so \u003ccode\u003e%00\u003c/code\u003e is preserved as-is. Other encoding behaviour (including \u003ccode\u003e%20\u003c/code\u003e → \u003ccode\u003e+\u003c/code\u003e) unchanged. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eConsolidated v1 Security Backport:\u003c/strong\u003e Rolls up remaining v1 hardenings into \u003ccode\u003ev0.x\u003c/code\u003e: \u003ccode\u003emaxContentLength\u003c/code\u003e enforcement for \u003ccode\u003eresponseType: 'stream'\u003c/code\u003e via a guarded transform with deferred piping, \u003ccode\u003emaxBodyLength\u003c/code\u003e enforcement for streamed uploads on native \u003ccode\u003ehttp\u003c/code\u003e/\u003ccode\u003ehttps\u003c/code\u003e with \u003ccode\u003emaxRedirects: 0\u003c/code\u003e, and stricter \u003ccode\u003ewithXSRFToken\u003c/code\u003e handling so only own boolean \u003ccode\u003etrue\u003c/code\u003e enables cross-origin XSRF headers. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCODEOWNERS:\u003c/strong\u003e Added \u003ccode\u003e.github/CODEOWNERS\u003c/code\u003e with \u003ccode\u003e* @jasonsaayman\u003c/code\u003e to set a default reviewer for all paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.31.0...v0.31.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.31.0\u003c/h2\u003e\n\u003cp\u003eThis release backports security fixes from v1.x, hardens the CI/CD supply chain with OIDC publishing and \u003ccode\u003ezizmor\u003c/code\u003e scanning, resolves TypeScript typing issues in \u003ccode\u003eAxiosInstance\u003c/code\u003e, and fixes a performance regression in \u003ccode\u003eisEmptyObject()\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/8db2d44896849a21ed9721185b1034df24e1ba7b\"\u003e\u003ccode\u003e8db2d44\u003c/code\u003e\u003c/a\u003e chore: bump version to v0.32.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10840\"\u003e#10840\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2af6116a957b1dd1b32056181326da8a5540d3bc\"\u003e\u003ccode\u003e2af6116\u003c/code\u003e\u003c/a\u003e chore: backport fixes from the v1x branch (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a589dc525af12e0fabef7d6e5be028ad433eee31\"\u003e\u003ccode\u003ea589dc5\u003c/code\u003e\u003c/a\u003e chore: bump version to v0.31.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10766\"\u003e#10766\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b0c632f36a5ea2e73c9bdf3a54164a8ede925736\"\u003e\u003ccode\u003eb0c632f\u003c/code\u003e\u003c/a\u003e fix: backport security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b52187f4571b6b8663fed5904e3082ab30660364\"\u003e\u003ccode\u003eb52187f\u003c/code\u003e\u003c/a\u003e fix: harden config merging (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e3ddeb40f6a142a234925341151e2ca631a6de64\"\u003e\u003ccode\u003ee3ddeb4\u003c/code\u003e\u003c/a\u003e fix: header security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f4f2d76e25cc0f777e5416e2d76282ab873ef9dc\"\u003e\u003ccode\u003ef4f2d76\u003c/code\u003e\u003c/a\u003e chore: stop committing dist/ and remove bower (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1f2f64433e5be205d74471c78c2721909282b9c0\"\u003e\u003ccode\u003e1f2f644\u003c/code\u003e\u003c/a\u003e chore: add CODEOWNERS (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44bca902e1bdd7dd6490c7b4985b63e729b0e634\"\u003e\u003ccode\u003e44bca90\u003c/code\u003e\u003c/a\u003e fix: improve regex in AxiosURLSearchParams (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4c4f07fabdb005f5430bab797f12b55e2ed5fb33\"\u003e\u003ccode\u003e4c4f07f\u003c/code\u003e\u003c/a\u003e fix: form data recursion (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.17.0...v0.32.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.5.1 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.2.5...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.5.2 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] ensure \u003ccode\u003earrayLimit\u003c/code\u003e applies to \u003ccode\u003e[]\u003c/code\u003e notation as well\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: when a custom decoder returns \u003ccode\u003enull\u003c/code\u003e for a key, ignore that key\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: extract key segment splitting helper\u003c/li\u003e\n\u003cli\u003e[meta] add threat model\u003c/li\u003e\n\u003cli\u003e[actions] add workflow permissions\u003c/li\u003e\n\u003cli\u003e[Tests] \u003ccode\u003estringify\u003c/code\u003e: increase coverage\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003efor-each\u003c/code\u003e, \u003ccode\u003eobject-inspect\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003ethrowOnParameterLimitExceeded\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/517\"\u003e#517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: use \u003ccode\u003eutils.combine\u003c/code\u003e more\u003c/li\u003e\n\u003cli\u003e[patch] \u003ccode\u003eparse\u003c/code\u003e: add explicit \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e default\u003c/li\u003e\n\u003cli\u003e[actions] use shared action; re-add finishers\u003c/li\u003e\n\u003cli\u003e[meta] Fix changelog formatting bug\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eside-channel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003ehas-bigints\u003c/code\u003e, \u003ccode\u003ehas-proto\u003c/code\u003e, \u003ccode\u003ehas-symbols\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8\"\u003e\u003ccode\u003e9aca407\u003c/code\u003e\u003c/a\u003e v6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992\"\u003e\u003ccode\u003e5e33d33\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41\"\u003e\u003ccode\u003e21f80b3\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + `e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c\"\u003e\u003ccode\u003ea0a81ea\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8\"\u003e\u003ccode\u003ee3062f7\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0\"\u003e\u003ccode\u003e0c180a4\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656\"\u003e\u003ccode\u003e3a8b94a\u003c/code\u003e\u003c/a\u003e [Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d\"\u003e\u003ccode\u003e96755ab\u003c/code\u003e\u003c/a\u003e [readme] fix grammar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6\"\u003e\u003ccode\u003ea419ce5\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170\"\u003e\u003ccode\u003e3f5e1c5\u003c/code\u003e\u003c/a\u003e v6.15.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.5.1...v6.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.10 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.10...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 3.3.2 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v3.3.2...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webpack-dev-server` from 3.1.4 to 5.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack-dev-server/releases\"\u003ewebpack-dev-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.2.4\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.3...v5.2.4\"\u003e5.2.4\u003c/a\u003e (2026-05-11)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eset Cross-Origin-Resource-Policy header to prevent source code theft over HTTP\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.3\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.2...v5.2.3\"\u003e5.2.3\u003c/a\u003e (2026-01-12)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003ecause\u003c/code\u003e for \u003ccode\u003eerrorObject\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5518\"\u003e#5518\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/37b033da2c48335178495a1987c469a26ef3de60\"\u003e37b033d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ecompatibility with event target and universal target and lazy compilation  (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/574026c44b9c51f0bbd2f5a2836c54607289a071\"\u003e574026c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eoverlay:\u003c/strong\u003e add ESC key to dismiss overlay (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5598\"\u003e#5598\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/f91baa8831e061e2998849966b8002b40b83fb07\"\u003ef91baa8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eprogress indicator styles (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5557\"\u003e#5557\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/41a53a1accdb0a90785d82cbe8a079794eeed3c8\"\u003e41a53a1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade selfsigned to v5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.2\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.1...v5.2.2\"\u003e5.2.2\u003c/a\u003e (2025-06-03)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u0026quot;Overlay enabled\u0026quot; false positive (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/18e72ee3e57a6e7598a6c068c0ff7c7bb6a857f1\"\u003e18e72ee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not crush when error is null for runtime errors (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5447\"\u003e#5447\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/309991f947baa0354140b9930a9654ac792e20c4\"\u003e309991f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove unnecessary header \u003ccode\u003eX_TEST\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5451\"\u003e#5451\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/64a6124bf1b4d158bb42a4341dd03121ae3759fa\"\u003e64a6124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erespect the \u003ccode\u003eallowedHosts\u003c/code\u003e option for cross-origin header check (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5510\"\u003e#5510\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/03d12141bf7be09dfb14e91e5c834ee63bd9a9a2\"\u003e03d1214\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.0...v6.0.0\"\u003e5.2.1\u003c/a\u003e (2025-03-26)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecross-origin requests are not allowed unless allowed by \u003ccode\u003eAccess-Control-Allow-Origin\u003c/code\u003e header\u003c/li\u003e\n\u003cli\u003erequests with an IP addresses in the \u003ccode\u003eOrigin\u003c/code\u003e header are not allowed to connect to WebSocket server unless configured by \u003ccode\u003eallowedHosts\u003c/code\u003e or it different from the \u003ccode\u003eHost\u003c/code\u003e header\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThe above changes may make the dev server not work if you relied on such behavior, but unfortunately they carry security risks, so they were considered as fixes.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprevent overlay for errors caught by React error boundaries (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5431\"\u003e#5431\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/8c1abc903ab444d9ce99e567b9a6c603e1ec06be\"\u003e8c1abc9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003etake the first network found instead of the last one, this restores the same behavior as 5.0.4 (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5411\"\u003e#5411\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/ffd0b86b790d372f90e17aea92cfd9def83fee96\"\u003effd0b86\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.1.0...v5.2.0\"\u003e5.2.0\u003c/a\u003e (2024-12-11)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack-dev-server/blob/main/CHANGELOG.md\"\u003ewebpack-dev-server's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.3...v5.2.4\"\u003e5.2.4\u003c/a\u003e (2026-05-11)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eset Cross-Origin-Resource-Policy header to prevent source code theft over HTTP\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.2...v5.2.3\"\u003e5.2.3\u003c/a\u003e (2026-01-12)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003ecause\u003c/code\u003e for \u003ccode\u003eerrorObject\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5518\"\u003e#5518\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/37b033da2c48335178495a1987c469a26ef3de60\"\u003e37b033d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ecompatibility with event target and universal target and lazy compilation  (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/574026c44b9c51f0bbd2f5a2836c54607289a071\"\u003e574026c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eoverlay:\u003c/strong\u003e add ESC key to dismiss overlay (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5598\"\u003e#5598\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/f91baa8831e061e2998849966b8002b40b83fb07\"\u003ef91baa8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eprogress indicator styles (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5557\"\u003e#5557\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/41a53a1accdb0a90785d82cbe8a079794eeed3c8\"\u003e41a53a1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade selfsigned to v5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.1...v5.2.2\"\u003e5.2.2\u003c/a\u003e (2025-06-03)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u0026quot;Overlay enabled\u0026quot; false positive (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/18e72ee3e57a6e7598a6c068c0ff7c7bb6a857f1\"\u003e18e72ee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not crush when error is null for runtime errors (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5447\"\u003e#5447\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/309991f947baa0354140b9930a9654ac792e20c4\"\u003e309991f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove unnecessary header \u003ccode\u003eX_TEST\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5451\"\u003e#5451\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/64a6124bf1b4d158bb42a4341dd03121ae3759fa\"\u003e64a6124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erespect the \u003ccode\u003eallowedHosts\u003c/code\u003e option for cross-origin header check (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5510\"\u003e#5510\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/03d12141bf7be09dfb14e91e5c834ee63bd9a9a2\"\u003e03d1214\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.0...v6.0.0\"\u003e5.2.1\u003c/a\u003e (2025-03-26)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecross-origin requests are not allowed unless allowed by \u003ccode\u003eAccess-Control-Allow-Origin\u003c/code\u003e header\u003c/li\u003e\n\u003cli\u003erequests with an IP addresses in the \u003ccode\u003eOrigin\u003c/code\u003e header are not allowed to connect to WebSocket server unless configured by \u003ccode\u003eallowedHosts\u003c/code\u003e or it different from the \u003ccode\u003eHost\u003c/code\u003e header\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThe above changes may make the dev server not work if you relied on such behavior, but unfortunately they carry security risks, so they were considered as fixes.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprevent overlay for errors caught by React error boundaries (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5431\"\u003e#5431\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/8c1abc903ab444d9ce99e567b9a6c603e1ec06be\"\u003e8c1abc9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003etake the first network found instead of the last one, this restores the same behavior as 5.0.4 (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5411\"\u003e#5411\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-serve...\n\n_Description has been truncated_","html_url":"https://github.com/lisaross/gatsby/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/lisaross%2Fgatsby/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4627365146","node_id":"PR_kwDOG3VMuc7kppdq","number":9,"state":"open","title":"Bump cipher-base from 1.0.4 to 1.0.7","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-10T02:25:54.000Z","updated_at":"2026-06-10T02:25:58.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"}],"path":null,"ecosystem":"npm"},"body":"Bumps [cipher-base](https://github.com/crypto-browserify/cipher-base) from 1.0.4 to 1.0.7.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cipher-base\u0026package-manager=npm_and_yarn\u0026previous-version=1.0.4\u0026new-version=1.0.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/mculp/polygon-test/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/mculp/polygon-test/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mculp%2Fpolygon-test/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"},{"uuid":"4627363898","node_id":"PR_kwDOGb1TMc7kppNR","number":1,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-10T02:25:38.000Z","updated_at":"2026-06-10T02:26:49.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":19,"packages":[{"name":"next","old_version":"12.0.4","new_version":"15.5.18","repository_url":"https://github.com/vercel/next.js"},{"name":"apollo-server","old_version":"3.5.0","new_version":"3.13.0","repository_url":"https://github.com/apollographql/apollo-server"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.14.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@protobufjs/utf8","old_version":"1.1.0","new_version":"1.1.1","repository_url":"https://github.com/dcodeIO/protobuf.js"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"bn.js","old_version":"4.12.0","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"express","old_version":"4.17.1","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"flatted","old_version":"3.2.0","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.14.1","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.6","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"picomatch","old_version":"2.3.0","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar","old_version":"6.1.11","new_version":"6.2.1","repository_url":"https://github.com/isaacs/node-tar"},{"name":"yaml","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/eemeli/yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 17 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [next](https://github.com/vercel/next.js) | `12.0.4` | `15.5.18` |\n| [apollo-server](https://github.com/apollographql/apollo-server/tree/HEAD/packages/apollo-server) | `3.5.0` | `3.13.0` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.14.5` | `7.29.7` |\n| [@protobufjs/utf8](https://github.com/dcodeIO/protobuf.js) | `1.1.0` | `1.1.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.0` | `4.12.3` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [express](https://github.com/expressjs/express) | `4.17.1` | `4.22.2` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.0` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.1` | `1.16.0` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.6` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.0` | `2.3.2` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar](https://github.com/isaacs/node-tar) | `6.1.11` | `6.2.1` |\n| [yaml](https://github.com/eemeli/yaml) | `1.10.2` | `1.10.3` |\n\n\nUpdates `next` from 12.0.4 to 15.5.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.18\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.16\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.15\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23869\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23869\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9ff92cebcaa6ba4e7463b6fd037a8510ba9b81ec\"\u003e\u003ccode\u003e9ff92ce\u003c/code\u003e\u003c/a\u003e v15.5.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/00ebe23562bd7eb32dd78730984bfadb47138bcf\"\u003e\u003ccode\u003e00ebe23\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/62c97ab0b5825e2cbc15f6b682d8286a8dd6a038\"\u003e\u003ccode\u003e62c97ab\u003c/code\u003e\u003c/a\u003e v15.5.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/423623ae38c106273085b66946ee5bf9aab77f2c\"\u003e\u003ccode\u003e423623a\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/fa787399b38d9aa702118f9bd23a8315b9f0ecc6\"\u003e\u003ccode\u003efa78739\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36e62c6eb7813e42d409eb487f93b829f4ad77e8\"\u003e\u003ccode\u003e36e62c6\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93588\"\u003e#93588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36589b5db512b7704cdadd873cbe49b6dbcc9261\"\u003e\u003ccode\u003e36589b5\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93596\"\u003e#93596\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ad6fd4e50e5aba20b60d283c42b89273a3167ccd\"\u003e\u003ccode\u003ead6fd4e\u003c/code\u003e\u003c/a\u003e v15.5.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/79d7dff1448483f0c8f187f98887b31019f6e494\"\u003e\u003ccode\u003e79d7dff\u003c/code\u003e\u003c/a\u003e Ignore malformed CSP nonce headers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/c4f69086cc8dcbd81b1dbc321c98ea874d90d6f8\"\u003e\u003ccode\u003ec4f6908\u003c/code\u003e\u003c/a\u003e router-server: guard upgrade proxy against absolute-url SSRF (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/77\"\u003e#77\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v12.0.4...v15.5.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `apollo-server` from 3.5.0 to 3.13.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/f93284e853efd6da46d91ae40da47a2dd15b61fe\"\u003e\u003ccode\u003ef93284e\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/ea2e2c3e071afc9144af00cae7b51720b9cc8b32\"\u003e\u003ccode\u003eea2e2c3\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/fac578a32d5b6e21164fb649fc61d641d0401774\"\u003e\u003ccode\u003efac578a\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/6247d96ba90de6fa9b45995dcab72758c99aab78\"\u003e\u003ccode\u003e6247d96\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/538151b9f30dfc91036eef2f8f65fbf7922d861e\"\u003e\u003ccode\u003e538151b\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/f519e1d7de8564259eb1c8c1c7523669bd9ad815\"\u003e\u003ccode\u003ef519e1d\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/985c0795579a1d39e7b78edce1c9e2e7c8facf82\"\u003e\u003ccode\u003e985c079\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/2bf7f66db91aa2919266afc16f18a918501178ee\"\u003e\u003ccode\u003e2bf7f66\u003c/code\u003e\u003c/a\u003e chore(deps): update all non-major dependencies (main) (\u003ca href=\"https://github.com/apollographql/apollo-server/tree/HEAD/packages/apollo-server/issues/6852\"\u003e#6852\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/f6c5c9fec04c222aa15272b90d203ddc3fe64857\"\u003e\u003ccode\u003ef6c5c9f\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/e6097d614c9ac6887b359529cf27c1bd1a5de59c\"\u003e\u003ccode\u003ee6097d6\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apollographql/apollo-server/commits/apollo-server@3.13.0/packages/apollo-server\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.14.5 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@protobufjs/utf8` from 1.1.0 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dcodeIO/protobuf.js/releases\"\u003e@​protobufjs/utf8's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs-cli: v1.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-cli-v1.1.0...protobufjs-cli-v1.1.1\"\u003e1.1.1\u003c/a\u003e (2023-02-02)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecli:\u003c/strong\u003e fix relative path to Google pb files (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/1859\"\u003e#1859\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e42eea4868b11f4a07934804a56683321ed191e2\"\u003ee42eea4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/dcodeIO/protobuf.js/compare/pool-v1.1.0...utf8-v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.15.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `apollo-server-core` from 3.5.0 to 3.13.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/f93284e853efd6da46d91ae40da47a2dd15b61fe\"\u003e\u003ccode\u003ef93284e\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/4745ebed69775959212bbca7b02cff65c1f0dc64\"\u003e\u003ccode\u003e4745ebe\u003c/code\u003e\u003c/a\u003e Rename option from disableValidation to dangerouslyDisableValidation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/11f5981067f570c60a0003b51f3d634ebd8fa792\"\u003e\u003ccode\u003e11f5981\u003c/code\u003e\u003c/a\u003e Add disableValidation option to apollo-server-core\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/ea2e2c3e071afc9144af00cae7b51720b9cc8b32\"\u003e\u003ccode\u003eea2e2c3\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/1dd45b8366a6cee75e4ca321eeb5acf107e6c73e\"\u003e\u003ccode\u003e1dd45b8\u003c/code\u003e\u003c/a\u003e get CI passing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/d38b43bac88acdef4295759d7dcc3d4c348d9575\"\u003e\u003ccode\u003ed38b43b\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-j5g3-5c8r-7qfx\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/fac578a32d5b6e21164fb649fc61d641d0401774\"\u003e\u003ccode\u003efac578a\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/85540501642e9d4f9d7adcc1442885a2eddcc885\"\u003e\u003ccode\u003e8554050\u003c/code\u003e\u003c/a\u003e Update protobuf (version-3) (\u003ca href=\"https://github.com/apollographql/apollo-server/tree/HEAD/packages/apollo-server-core/issues/7412\"\u003e#7412\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/6247d96ba90de6fa9b45995dcab72758c99aab78\"\u003e\u003ccode\u003e6247d96\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/538151b9f30dfc91036eef2f8f65fbf7922d861e\"\u003e\u003ccode\u003e538151b\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apollographql/apollo-server/commits/apollo-server-core@3.13.0/packages/apollo-server-core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.0 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c4098bac2470418f8e0f6bf11fe0cb676a2b9047\"\u003e\u003ccode\u003ec4098ba\u003c/code\u003e\u003c/a\u003e 4.12.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6277fd705e51edae1c404c65f03ba2e512706945\"\u003e\u003ccode\u003e6277fd7\u003c/code\u003e\u003c/a\u003e backport(4.x): Fix imuln/muln with zero (backport of \u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ac0d4afaae91701815b9edc19789e44e7690d688\"\u003e\u003ccode\u003eac0d4af\u003c/code\u003e\u003c/a\u003e 4.12.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/a5f14b43ec61bc7cafc6de2e7444913b9f581b00\"\u003e\u003ccode\u003ea5f14b4\u003c/code\u003e\u003c/a\u003e Fix serious issue in \u003ccode\u003e.toString(16)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/309\"\u003e#309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/0cd2661b9d08512263c940662586042ef8aaccc6\"\u003e\u003ccode\u003e0cd2661\u003c/code\u003e\u003c/a\u003e Remove package-lock.json added by npm\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.12.0...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.1 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.17.1...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.2.0 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.2.0...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.14.1 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.14.1...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 3.0.1 to 3.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.3...v3.0.4\"\u003ev3.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] update linting config \u003ca href=\"https://github.com/form-data/form-data/commit/f5e7eb024bc3fc7e2074ff80f143a4f4cbc1dbda\"\u003e\u003ccode\u003ef5e7eb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/1a78b5dd05e508d67e97764d812ac7c6d92ea88d\"\u003e\u003ccode\u003e1a78b5d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/b22a64ef94ba4f3f6ff7d1ac72a54cca128567df\"\u003e\u003ccode\u003eb22a64e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/11d9f7338f18a59b431832a3562b49baece0a432\"\u003e\u003ccode\u003e11d9f73\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.2...v3.0.3\"\u003ev3.0.3\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eObject.prototype.hasOwnProperty.call\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/7fecefe4ba8f775634aff86a698776ad95ecffb5\"\u003e\u003ccode\u003e7fecefe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e, \u003ccode\u003ecoveralls\u003c/code\u003e, \u003ccode\u003ecross-spawn\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003eformidable\u003c/code\u003e, \u003ccode\u003ein-publish\u003c/code\u003e, \u003ccode\u003epkgfiles\u003c/code\u003e, \u003ccode\u003epre-commit\u003c/code\u003e, \u003ccode\u003epuppeteer\u003c/code\u003e, \u003ccode\u003erequest\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypescript\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/8261fcb8bf5944d30ae3bd04b91b71d6a9932ef4\"\u003e\u003ccode\u003e8261fcb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/form-data/form-data/commit/b82f59093cdbadb4b7ec0922d33ae7ab048b82ff\"\u003e\u003ccode\u003eb82f590\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] pin \u003ccode\u003erequest\u003c/code\u003e which via \u003ccode\u003etough-cookie\u003c/code\u003e ^2.4 depends on \u003ccode\u003epsl\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/e5df7f24383342264bd73dee3274818a40d04065\"\u003e\u003ccode\u003ee5df7f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5a5bafee894fead10da49e1fa2b084e17f2e1034\"\u003e\u003ccode\u003e5a5bafe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.2\"\u003ev3.0.2\u003c/a\u003e - 2024-10-10\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/8fdb3bc6b5d001f8909a9fca391d1d1d97ef1d79\"\u003e\u003ccode\u003e8fdb3bc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] clean up ignores \u003ca href=\"https://github.com/form-data/form-data/commit/3217b3ded8e382e51171d5c74c6038a21cc54440\"\u003e\u003ccode\u003e3217b3d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: move util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e) \u003ca href=\"https://github.com/form-data/form-data/commit/edb555a811f6f7e4668db4831551cf41c1de1cac\"\u003e\u003ccode\u003eedb555a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/9c82fcdf0858b2764060a87803a55375ffbee6ed\"\u003e\u003ccode\u003e9c82fcd\u003c/code\u003e\u003c/a\u003e v3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e [meta] remove local commit hooks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e [Dev Deps] remove unused deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/002b9b0c4862576305292ac44f7be25ec7ccea0e\"\u003e\u003ccode\u003e002b9b0\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e [Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 0.1.7 to 0.1.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.1.13\u003c/h2\u003e\n\u003ch2\u003eImportant\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4867\"\u003eCVE-2026-4867\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-37ch-88jc-xwx2\"\u003eGHSA-37ch-88jc-xwx2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eFix backtracking (again)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImproved backtracking protection for 0.1.x, will break some previously valid paths (see previous advisory: \u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j\"\u003ehttps://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.11...v0.1.12\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.11...v0.1.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eError on bad input\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd error on bad input values  8f09549\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.10...v0.1.11\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.10...v0.1.11\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eBacktrack protection\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to parameters  29b96b4\n\u003cul\u003e\n\u003cli\u003eThis will break some edge cases but should improve performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.9...v0.1.10\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.9...v0.1.10\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eSupport non-lookahead regex output\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow a non-lookahead regex (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/312\"\u003e#312\u003c/a\u003e)  c4272e4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/component/path-to-regexp/compare/v0.1.8...v0.1.9\"\u003ehttps://github.com/component/path-to-regexp/compare/v0.1.8...v0.1.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eSupport named matching groups in \u003ccode\u003eRegExp\u003c/code\u003e\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for named matching groups (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/301\"\u003e#301\u003c/a\u003e)  114f62d\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v0.1.8\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v0.1.8\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/blob/v.0.1.13/History.md\"\u003epath-to-regexp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.1.13 / 2026-03-26\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4867\"\u003eCVE-2026-4867\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-37ch-88jc-xwx2\"\u003eGHSA-37ch-88jc-xwx2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/9fd0c879f232c2464591f56dd7c7edad7f45b4e0\"\u003e\u003ccode\u003e9fd0c87\u003c/code\u003e\u003c/a\u003e 0.1.13 (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/425\"\u003e#425\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/7ccf02cee33402f06ed2125085992ee9cd3a7c45\"\u003e\u003ccode\u003e7ccf02c\u003c/code\u003e\u003c/a\u003e fix: CVE-2026-4867\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/640e694c6fd971f78268439df9cf44040855e669\"\u003e\u003ccode\u003e640e694\u003c/code\u003e\u003c/a\u003e 0.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4\"\u003e\u003ccode\u003ef01c26a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/0c7119248b7cb528a0aea3ba45ed4e2db007cba4\"\u003e\u003ccode\u003e0c71192\u003c/code\u003e\u003c/a\u003e 0.1.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/8f095497d678c2ec3495a99ab3928748731e73ee\"\u003e\u003ccode\u003e8f09549\u003c/code\u003e\u003c/a\u003e Add error on bad input values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c827fcea751b2e9ec6ca68a1b95a82e438728868\"\u003e\u003ccode\u003ec827fce\u003c/code\u003e\u003c/a\u003e 0.1.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f\"\u003e\u003ccode\u003e29b96b4\u003c/code\u003e\u003c/a\u003e Add backtrack protection to parameters\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/ac4c2345622a10a09c7ec229e3c29740935d67d7\"\u003e\u003ccode\u003eac4c234\u003c/code\u003e\u003c/a\u003e Update repo url (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/bdb663527106d51f149b12f74fca1018c20c8a53\"\u003e\u003ccode\u003ebdb6635\u003c/code\u003e\u003c/a\u003e 0.1.9\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v.0.1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for path-to-regexp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pbkdf2` from 3.1.2 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md\"\u003epbkdf2's changelog\u003c/a\u003e.\u003c/...\n\n_Description has been truncated_","html_url":"https://github.com/Eprince-hub/react-graphql-frontend-backend-lessons/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Eprince-hub%2Freact-graphql-frontend-backend-lessons/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4626857064","node_id":"PR_kwDOCMNbws7kn_IR","number":1,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 15 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-10T00:48:17.000Z","updated_at":"2026-06-10T00:48:25.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":15,"packages":[{"name":"auth0-js","old_version":"9.0.0","new_version":"10.0.0","repository_url":"https://github.com/auth0/auth0.js"},{"name":"bootstrap","old_version":"3.3.7","new_version":"5.0.0","repository_url":"https://github.com/twbs/bootstrap"},{"name":"browserify-sign","old_version":"4.0.4","new_version":"4.2.6","repository_url":"https://github.com/crypto-browserify/browserify-sign"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"express","old_version":"4.15.3","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"handlebars","old_version":"4.0.10","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"lodash","old_version":"4.17.4","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"min-document","old_version":"2.19.0","new_version":"2.19.2","repository_url":"https://github.com/Raynos/min-document"},{"name":"sha.js","old_version":"2.4.8","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar","old_version":"2.2.1","new_version":"2.2.2","repository_url":"https://github.com/isaacs/node-tar"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 10 updates in the /05-Token-Renewal directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [auth0-js](https://github.com/auth0/auth0.js) | `9.0.0` | `10.0.0` |\n| [bootstrap](https://github.com/twbs/bootstrap) | `3.3.7` | `5.0.0` |\n| [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.6` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [express](https://github.com/expressjs/express) | `4.15.3` | `4.22.2` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.0.10` | `4.7.9` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.4` | `4.18.1` |\n| [min-document](https://github.com/Raynos/min-document) | `2.19.0` | `2.19.2` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.8` | `2.4.12` |\n| [tar](https://github.com/isaacs/node-tar) | `2.2.1` | `2.2.2` |\n\n\nUpdates `auth0-js` from 9.0.0 to 10.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/auth0/auth0.js/releases\"\u003eauth0-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.0.0\u003c/h2\u003e\n\u003cp\u003eThis fixes the release failure (\u003ca href=\"https://redirect.github.com/auth0/auth0.js/issues/1631\"\u003e#1631\u003c/a\u003e).\n\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix: Resolve CVE-2026-42280\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking change\u003c/strong\u003e\u003c/p\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eAffected\u003c/th\u003e\n\u003cth\u003eDetails\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003eApps using RS256\u003c/td\u003e\n\u003ctd\u003eNo breaking change\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eApps using HS256\u003c/td\u003e\n\u003ctd\u003e\u003ccode\u003eparseHash()\u003c/code\u003e now returns an \u003ccode\u003einvalid_token\u003c/code\u003e error instead of silently succeeding. Must switch to RS256 in the Auth0 Dashboard: Applications → your app → Settings → Advanced Settings → OAuth → JsonWebToken Signature Algorithm → \u003ccode\u003eRS256\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003ev9.32.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix: update \u003ccode\u003e@​auth0/component-cdn-uploader\u003c/code\u003e to version 2.5.0 \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1613\"\u003e#1613\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.31.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add Custom Token Exchange support \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1604\"\u003e#1604\u003c/a\u003e (\u003ca href=\"https://github.com/gyaneshgouraw-okta\"\u003egyaneshgouraw-okta\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.30.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: randomString function to handle invalid length \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1583\"\u003e#1583\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.30.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efeat: Improve error handling when login fails after signup \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1552\"\u003e#1552\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: convert mock files to ES module exports \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1563\"\u003e#1563\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.29.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: add null check for challenge in captcha rendering \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1541\"\u003e#1541\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.29.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003edocs(core): fix missing captcha param in signup method jsdoc \u003ca href=\"https://redirect.github.com/auth0/auth0.js/issues/1471\"\u003e#1471\u003c/a\u003e \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1522\"\u003e#1522\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat: add Claude Code PR Review workflow \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1517\"\u003e#1517\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd a Refresh Token example using MRRT \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1499\"\u003e#1499\u003c/a\u003e (\u003ca href=\"https://github.com/ivan-vazquez\"\u003eivan-vazquez\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd a Refresh Token example \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1488\"\u003e#1488\u003c/a\u003e (\u003ca href=\"https://github.com/ivan-vazquez\"\u003eivan-vazquez\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.28.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnsure done callback is correctly fired on captcha reload \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1469\"\u003e#1469\u003c/a\u003e (\u003ca href=\"https://github.com/srijonsaha\"\u003esrijonsaha\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/auth0/auth0.js/blob/master/CHANGELOG.md\"\u003eauth0-js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/auth0/auth0.js/tree/v10.0.0\"\u003ev10.0.0\u003c/a\u003e (2026-05-06)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/auth0/auth0.js/compare/v9.32.0...v10.0.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix: Resolve CVE-2026-42280\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking change\u003c/strong\u003e\u003c/p\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eAffected\u003c/th\u003e\n\u003cth\u003eDetails\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003eApps using RS256\u003c/td\u003e\n\u003ctd\u003eNo breaking change\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eApps using HS256\u003c/td\u003e\n\u003ctd\u003e\u003ccode\u003eparseHash()\u003c/code\u003e now returns an \u003ccode\u003einvalid_token\u003c/code\u003e error instead of silently succeeding. Must switch to RS256 in the Auth0 Dashboard: Applications → your app → Settings → Advanced Settings → OAuth → JsonWebToken Signature Algorithm → \u003ccode\u003eRS256\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/auth0/auth0.js/tree/v9.32.0\"\u003ev9.32.0\u003c/a\u003e (2026-03-25)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/auth0/auth0.js/compare/v9.31.0...v9.32.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/auth0/auth0.js/tree/v9.31.0\"\u003ev9.31.0\u003c/a\u003e (2026-03-16)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/auth0/auth0.js/compare/v9.30.1...v9.31.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add Custom Token Exchange support \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1604\"\u003e#1604\u003c/a\u003e (\u003ca href=\"https://github.com/gyaneshgouraw-okta\"\u003egyaneshgouraw-okta\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/auth0/auth0.js/tree/v9.30.1\"\u003ev9.30.1\u003c/a\u003e (2026-02-06)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/auth0/auth0.js/compare/v9.30.0...v9.30.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: randomString function to handle invalid length \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1583\"\u003e#1583\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/auth0/auth0.js/tree/v9.30.0\"\u003ev9.30.0\u003c/a\u003e (2026-01-09)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/auth0/auth0.js/compare/v9.29.1...v9.30.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efeat: Improve error handling when login fails after signup \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1552\"\u003e#1552\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: convert mock files to ES module exports \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1563\"\u003e#1563\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/auth0/auth0.js/tree/v9.29.1\"\u003ev9.29.1\u003c/a\u003e (2025-12-17)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/auth0/auth0.js/compare/v9.29.0...v9.29.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: add null check for challenge in captcha rendering \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1541\"\u003e#1541\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/auth0/auth0.js/tree/v9.29.0\"\u003ev9.29.0\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/auth0/auth0.js/compare/v9.28.0...v9.29.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003edocs(core): fix missing captcha param in signup method jsdoc \u003ca href=\"https://redirect.github.com/auth0/auth0.js/issues/1471\"\u003e#1471\u003c/a\u003e \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1522\"\u003e#1522\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/auth0.js/commit/5706408161535c9df05349c01dcd578139e280be\"\u003e\u003ccode\u003e5706408\u003c/code\u003e\u003c/a\u003e Release v10.0.0 (\u003ca href=\"https://redirect.github.com/auth0/auth0.js/issues/1639\"\u003e#1639\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/auth0.js/commit/7d0d1a78c1dc8d69480463fc621b22c018a29b0b\"\u003e\u003ccode\u003e7d0d1a7\u003c/code\u003e\u003c/a\u003e release 10.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/auth0.js/commit/51dde32aaede15adceb7dd2db909aa7b42bb6d10\"\u003e\u003ccode\u003e51dde32\u003c/code\u003e\u003c/a\u003e fix : Pining NPM version to 11.10.0 (\u003ca href=\"https://redirect.github.com/auth0/auth0.js/issues/1638\"\u003e#1638\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/auth0.js/commit/f87f9d3ca3d26079207b83b88af20eb1c2211560\"\u003e\u003ccode\u003ef87f9d3\u003c/code\u003e\u003c/a\u003e fix: revert NODE_VERSION to 22.22.2 in workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/auth0.js/commit/db1e15c1598fabdf531c59e42b319cf3cf142e6f\"\u003e\u003ccode\u003edb1e15c\u003c/code\u003e\u003c/a\u003e Merge branch 'fix/release10' of github.com:auth0/auth0.js into fix/release10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/auth0.js/commit/43e77b1a164a19955a281ec275abe2fa8b121570\"\u003e\u003ccode\u003e43e77b1\u003c/code\u003e\u003c/a\u003e fix: update Node.js version to 24 in workflows and npm publish action\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/auth0.js/commit/fee85333ea9ac2a5cf0d9c2409d32e5b3d0f549e\"\u003e\u003ccode\u003efee8533\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into fix/release10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/auth0.js/commit/15655246ac43b01f41eadee0c955a9ff3605b764\"\u003e\u003ccode\u003e1565524\u003c/code\u003e\u003c/a\u003e fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/auth0.js/commit/c5156ff6f0e06eb824df5ed2460c907d9b955faa\"\u003e\u003ccode\u003ec5156ff\u003c/code\u003e\u003c/a\u003e Release v10.0.0 (\u003ca href=\"https://redirect.github.com/auth0/auth0.js/issues/1637\"\u003e#1637\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/auth0.js/commit/8b9fd377880cf65f9f61ea67152870e6b912425f\"\u003e\u003ccode\u003e8b9fd37\u003c/code\u003e\u003c/a\u003e Release v10.0.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/auth0/auth0.js/compare/v9.0.0...v10.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for auth0-js since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bootstrap` from 3.3.7 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/twbs/bootstrap/releases\"\u003ebootstrap's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eHighlights\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32155\"\u003e#32155\u003c/a\u003e: Updated \u003ccode\u003emake-col()\u003c/code\u003e mixin to generate equal columns when no size is specified\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32763\"\u003e#32763\u003c/a\u003e: Added new \u003ccode\u003ecolor-scheme()\u003c/code\u003e mixin\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33389\"\u003e#33389\u003c/a\u003e: Dropdown menus now have option become clickable\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33453\"\u003e#33453\u003c/a\u003e: Added new docs footer\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33548\"\u003e#33548\u003c/a\u003e: Offcanvas header components are now vertically aligned\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33549\"\u003e#33549\u003c/a\u003e: Added offcanvas-top modifier\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33634\"\u003e#33634\u003c/a\u003e: Added support for \u003ccode\u003e.dropdown-item\u003c/code\u003es wrapped in \u003ccode\u003e\u0026lt;li\u0026gt;\u003c/code\u003es\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33626\"\u003e#33626\u003c/a\u003e: Fix v5 regressions in tab dropdown functionality\u003c/p\u003e\n\u003ch2\u003e🚀 Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32763\"\u003e#32763\u003c/a\u003e: Add \u003ccode\u003ecolor-scheme\u003c/code\u003e mixin\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33389\"\u003e#33389\u003c/a\u003e: Dropdown — Add option to make the dropdown menu clickable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33549\"\u003e#33549\u003c/a\u003e: Add offcanvas-top modifier\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🎨 CSS\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32155\"\u003e#32155\u003c/a\u003e: Add equal column mixin\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32763\"\u003e#32763\u003c/a\u003e: Add \u003ccode\u003ecolor-scheme\u003c/code\u003e mixin\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33292\"\u003e#33292\u003c/a\u003e: Make accordion icon rotation more natural\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33411\"\u003e#33411\u003c/a\u003e: Fix validation feedback icon in select multiple\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33478\"\u003e#33478\u003c/a\u003e: Make \u003ccode\u003e.nav-link\u003c/code\u003e color consistent when using buttons\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33482\"\u003e#33482\u003c/a\u003e: Dropdown — Apply positioning only when Popper is not used\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33548\"\u003e#33548\u003c/a\u003e: Vertically align offcanvas header components\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33549\"\u003e#33549\u003c/a\u003e: Add offcanvas-top modifier\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33550\"\u003e#33550\u003c/a\u003e: Spinner alignment changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33598\"\u003e#33598\u003c/a\u003e: Hide validation icons from multiple selects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33600\"\u003e#33600\u003c/a\u003e: Have $form-check-input-border's default derive from $black\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33607\"\u003e#33607\u003c/a\u003e: Reduce color-scheme complexity\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33642\"\u003e#33642\u003c/a\u003e: use \u003ccode\u003e:read-only\u003c/code\u003e css selector instead \u003ccode\u003e[readonly]\u003c/code\u003e for consistency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33658\"\u003e#33658\u003c/a\u003e: fix: use list-group variable instead of alert\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33736\"\u003e#33736\u003c/a\u003e: accordion: fix \u003ccode\u003eborder-top\u003c/code\u003e on Firefox\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e☕️ JavaScript\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32439\"\u003e#32439\u003c/a\u003e: Decouple BackDrop from modal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33245\"\u003e#33245\u003c/a\u003e: Decouple Modal's scrollbar functionality\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33249\"\u003e#33249\u003c/a\u003e: Simplify Modal Config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33250\"\u003e#33250\u003c/a\u003e: Simplify ScrollSpy config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33310\"\u003e#33310\u003c/a\u003e: fix: make EventHandler better handle mouseenter/mouseleave events\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33389\"\u003e#33389\u003c/a\u003e: Dropdown — Add option to make the dropdown menu clickable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33429\"\u003e#33429\u003c/a\u003e: Remove element event listeners through base component\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33451\"\u003e#33451\u003c/a\u003e: Add missing things in \u003ccode\u003ehide\u003c/code\u003e method of dropdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33456\"\u003e#33456\u003c/a\u003e: Use our \u003ccode\u003eisDisabled\u003c/code\u003e util on dropdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33466\"\u003e#33466\u003c/a\u003e: Refactor dropdown's hide functionality\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33479\"\u003e#33479\u003c/a\u003e: Fix dropdown escape propagation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33496\"\u003e#33496\u003c/a\u003e:  Use cached \u003ccode\u003enoop\u003c/code\u003e function\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/bf0936748602c8109fd916c64b4560799fa1c3f8\"\u003e\u003ccode\u003ebf09367\u003c/code\u003e\u003c/a\u003e Release v5.0.0 (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33647\"\u003e#33647\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/48ae5a7149d30d7d80cecbaaabaa88f7679c9172\"\u003e\u003ccode\u003e48ae5a7\u003c/code\u003e\u003c/a\u003e Rewrite migration guide (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33834\"\u003e#33834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/f0865727b7d5f274a818510219e024d227affe11\"\u003e\u003ccode\u003ef086572\u003c/code\u003e\u003c/a\u003e refactor(docs): Added form file input variables (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33833\"\u003e#33833\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/1a54286befabfb8c18de420df4d7074ab7eb77b3\"\u003e\u003ccode\u003e1a54286\u003c/code\u003e\u003c/a\u003e Fix doc typo and Bootstrap Icons link (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33832\"\u003e#33832\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/e2df73fa9a2062ed5489a1bd80b9d0ddbf211a53\"\u003e\u003ccode\u003ee2df73f\u003c/code\u003e\u003c/a\u003e Update migration guide for some v5 changes (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33829\"\u003e#33829\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/1e6356ab43df6ca3e0c05499a4d690235fbd6fc7\"\u003e\u003ccode\u003e1e6356a\u003c/code\u003e\u003c/a\u003e Neutralise more words from placeholder text (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33731\"\u003e#33731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/6633845901672cb642c0975e6fea3d1a1fa20058\"\u003e\u003ccode\u003e6633845\u003c/code\u003e\u003c/a\u003e Bump eslint-config-xo from 0.35.0 to 0.36.0 (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33646\"\u003e#33646\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/cb38744cf79b347ec2a32e0dcfe5c42402dc15ea\"\u003e\u003ccode\u003ecb38744\u003c/code\u003e\u003c/a\u003e Tweak toast docs (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33810\"\u003e#33810\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/c2ff22532e9f05d98b8db7c0b179d252387e77a3\"\u003e\u003ccode\u003ec2ff225\u003c/code\u003e\u003c/a\u003e Bump rollup from 2.46.0 to 2.47.0 (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33818\"\u003e#33818\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/c090ea2f4fbdc12e37def7c3bf9eb4c96c804d34\"\u003e\u003ccode\u003ec090ea2\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​babel/preset-env\u003c/code\u003e from 7.14.0 to 7.14.1 (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33819\"\u003e#33819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/twbs/bootstrap/compare/v3.3.7...v5.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~mdo\"\u003emdo\u003c/a\u003e, a new releaser for bootstrap since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `browserify-sign` from 4.0.4 to 4.2.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md\"\u003ebrowserify-sign's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.5...v4.2.6\"\u003ev4.2.6\u003c/a\u003e - 2026-05-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] increase coverage \u003ca href=\"https://github.com/browserify/browserify-sign/commit/6f06a33bd0fe2026a7bbd29615247eef8857a3be\"\u003e\u003ccode\u003e6f06a33\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] sign/verify generic SHA algorithms with RSA keys \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d2a3f56849f6144fa401747f3a7d4ba50b2f6375\"\u003e\u003ccode\u003ed2a3f56\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/59163472512ff1dd7364e306c2f84c9612713e59\"\u003e\u003ccode\u003e5916347\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/fb4be1da89c096a702db2516ee7a316efb84f90f\"\u003e\u003ccode\u003efb4be1d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ebn.js\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/da150041ced8bdf06d1115c6f9443bac066dd6ee\"\u003e\u003ccode\u003eda15004\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] set audit-level to make posttest happy \u003ca href=\"https://github.com/browserify/browserify-sign/commit/224dffe2ff5d2e4bed83f360aab4ada951a66544\"\u003e\u003ccode\u003e224dffe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.4...v4.2.5\"\u003ev4.2.5\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] clean up tests and convert console info skips to tape skips \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37b083c602fb6fcd99e0856cba8859dc6f073f3c\"\u003e\u003ccode\u003e37b083c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] restore node 0.10 support \u003ca href=\"https://github.com/browserify/browserify-sign/commit/faade86fe051fc0fb1b59e3694a566116e1e79a7\"\u003e\u003ccode\u003efaade86\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5a0f159e1d32b5c1088a75dceb301afaf40446f9\"\u003e\u003ccode\u003e5a0f159\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] drop unsupported nodes from CI \u003ca href=\"https://github.com/browserify/browserify-sign/commit/106be97da87f296f187c44b9ee857384153b5068\"\u003e\u003ccode\u003e106be97\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.3...v4.2.4\"\u003ev4.2.4\u003c/a\u003e - 2025-09-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[actions] split out node 10-20, and 20+ \u003ca href=\"https://github.com/browserify/browserify-sign/commit/17920d944f04efee7ae2212e4339485ba306b723\"\u003e\u003ccode\u003e17920d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove \u003ccode\u003efiles\u003c/code\u003e field \u003ca href=\"https://github.com/browserify/browserify-sign/commit/6d5b280e0496201ba022874c864b0046a74eb45e\"\u003e\u003ccode\u003e6d5b280\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ebn.js\u003c/code\u003e, \u003ccode\u003ebrowserify-rsa\u003c/code\u003e, \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/31be0c2459e1aad5158f72576c057603bf8527b6\"\u003e\u003ccode\u003e31be0c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003esemver\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5f6698211aa1d6dddaba8c245f40f63ae28924a3\"\u003e\u003ccode\u003e5f66982\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] replace \u003ccode\u003eaud\u003c/code\u003e with \u003ccode\u003enpm audit\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d44b24d8691d699ccc76780b106fe9c1bf0d1558\"\u003e\u003ccode\u003ed44b24d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/browserify-sign/commit/ab975f4845ea5c931df037e7f0df60f045335ae7\"\u003e\u003ccode\u003eab975f4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] revert 9e2bf12, now that v3.1.1 is out \u003ca href=\"https://github.com/browserify/browserify-sign/commit/428cf7f3f0d09f1b39312e5e51620ca684b5c1ac\"\u003e\u003ccode\u003e428cf7f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.2...v4.2.3\"\u003ev4.2.3\u003c/a\u003e - 2024-03-05\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[patch] widen support to 0.12 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9247adfd261ededfec1c036c9d8f36c4e9f87c0e\"\u003e\u003ccode\u003e9247adf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[patch] drop minimum node support to v1 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/4d0ee49ae2dc238b877dce9aed7e23fb4cb5088d\"\u003e\u003ccode\u003e4d0ee49\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eaud\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/87f3a35a587b377da2c1987af8d41c57b5afe0a5\"\u003e\u003ccode\u003e87f3a35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] remove redundant finisher \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37a475856843b7d1b2403fdafac0024ba252e579\"\u003e\u003ccode\u003e37a4758\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003ehash-base\u003c/code\u003e to ~3.0, due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9e2bf122b70970cb92f69d53e963f18299f14d66\"\u003e\u003ccode\u003e9e2bf12\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1 [\u003c/code\u003ef427270`](\u003ca href=\"https://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\"\u003ehttps://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/fb261cea57f92b3d98bc4d8bc6228c43a5de2e91\"\u003e\u003ccode\u003efb261ce\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003eelliptic\u003c/code\u003e due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/168e16fcb54886a0281b0c983e1482a097042684\"\u003e\u003ccode\u003e168e16f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.1...v4.2.2\"\u003ev4.2.2\u003c/a\u003e - 2023-10-25\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] log when openssl doesn't support cipher \u003ca href=\"https://redirect.github.com/browserify/browserify-sign/issues/37\"\u003e\u003ccode\u003e[#37](https://github.com/crypto-browserify/browserify-sign/issues/37)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/342573865d9792300f40ebda912d38295a3d19f1\"\u003e\u003ccode\u003e3425738\u003c/code\u003e\u003c/a\u003e v4.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/fb4be1da89c096a702db2516ee7a316efb84f90f\"\u003e\u003ccode\u003efb4be1d\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/d2a3f56849f6144fa401747f3a7d4ba50b2f6375\"\u003e\u003ccode\u003ed2a3f56\u003c/code\u003e\u003c/a\u003e [Fix] sign/verify generic SHA algorithms with RSA keys\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/224dffe2ff5d2e4bed83f360aab4ada951a66544\"\u003e\u003ccode\u003e224dffe\u003c/code\u003e\u003c/a\u003e [meta] set audit-level to make posttest happy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/da150041ced8bdf06d1115c6f9443bac066dd6ee\"\u003e\u003ccode\u003eda15004\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003ebn.js\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/59163472512ff1dd7364e306c2f84c9612713e59\"\u003e\u003ccode\u003e5916347\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/6f06a33bd0fe2026a7bbd29615247eef8857a3be\"\u003e\u003ccode\u003e6f06a33\u003c/code\u003e\u003c/a\u003e [Tests] increase coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/d3a7458af692134219fce56a082068f678e12474\"\u003e\u003ccode\u003ed3a7458\u003c/code\u003e\u003c/a\u003e v4.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/37b083c602fb6fcd99e0856cba8859dc6f073f3c\"\u003e\u003ccode\u003e37b083c\u003c/code\u003e\u003c/a\u003e [Tests] clean up tests and convert console info skips to tape skips\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/faade86fe051fc0fb1b59e3694a566116e1e79a7\"\u003e\u003ccode\u003efaade86\u003c/code\u003e\u003c/a\u003e [Fix] restore node 0.10 support\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/browserify-sign/compare/v4.0.4...v4.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for browserify-sign since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cookiejar` from 2.1.1 to 2.1.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/bmeck/node-cookiejar/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `crypto-js` from 3.1.9-1 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brix/crypto-js/commit/808f499ec789fcd68416328a40b8735a5c962116\"\u003e\u003ccode\u003e808f499\u003c/code\u003e\u003c/a\u003e Merge branch 'release/4.2.0'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brix/crypto-js/commit/d5af3ae4130f63342e5623a22f225c612a32e34a\"\u003e\u003ccode\u003ed5af3ae\u003c/code\u003e\u003c/a\u003e Update release notes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brix/crypto-js/commit/9496e07c9a727f54e98942e86dd931d27558ea02\"\u003e\u003ccode\u003e9496e07\u003c/code\u003e\u003c/a\u003e Bump version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brix/crypto-js/commit/421dd538b2d34e7c24a5b72cc64dc2b9167db40a\"\u003e\u003ccode\u003e421dd53\u003c/code\u003e\u003c/a\u003e Change default hash algorithm and iteration's for PBKDF2 to prevent weak secu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brix/crypto-js/commit/d1f4f4daec4f053be3eea4f6233d1d05ccec22fa\"\u003e\u003ccode\u003ed1f4f4d\u003c/code\u003e\u003c/a\u003e Update grunt.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brix/crypto-js/commit/c7552897a45df2a32a595b7708addbe865a8b64d\"\u003e\u003ccode\u003ec755289\u003c/code\u003e\u003c/a\u003e Discontinued\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brix/crypto-js/commit/1da3dabf93f0a0435c47627d6f171ad25f452012\"\u003e\u003ccode\u003e1da3dab\u003c/code\u003e\u003c/a\u003e Discontinued\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brix/crypto-js/commit/4dcaa7afd08f48cd285463b8f9499cdb242605fa\"\u003e\u003ccode\u003e4dcaa7a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/brix/crypto-js/issues/380\"\u003e#380\u003c/a\u003e from Alanscut/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brix/crypto-js/commit/762feb23a59f5db565b1e9c7ffbe7476264b755f\"\u003e\u003ccode\u003e762feb2\u003c/code\u003e\u003c/a\u003e chore: rename BF to Blowfish\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brix/crypto-js/commit/fb81418583004d903fbc63190be21e460a52521b\"\u003e\u003ccode\u003efb81418\u003c/code\u003e\u003c/a\u003e feat: blowfish support\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/brix/crypto-js/compare/3.1.9-1...4.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.15.3 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.15.3...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.0.10 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md\"\u003ehandlebars's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9 - March 26th, 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8 - July 27th, 2023\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.7 - February 15th, 2021\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix weird error in integration tests - eb860c0\u003c/li\u003e\n\u003cli\u003efix: check prototype property access in strict-mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1736\"\u003e#1736\u003c/a\u003e) - b6d3de7\u003c/li\u003e\n\u003cli\u003efix: escape property names in compat mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1736\"\u003e#1736\u003c/a\u003e) - f058970\u003c/li\u003e\n\u003cli\u003erefactor: In spec tests, use expectTemplate over equals and shouldThrow (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1683\"\u003e#1683\u003c/a\u003e) - 77825f8\u003c/li\u003e\n\u003cli\u003echore: start testing on Node.js 12 and 13 - 3789a30\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e(POSSIBLY) BREAKING CHANGES:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ethe changes from version \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md#v460---january-8th-2020\"\u003e4.6.0\u003c/a\u003e now also apply\nin when using the compile-option \u0026quot;strict: true\u0026quot;. Access to prototype properties is forbidden completely by default, specific properties or methods\ncan be allowed via runtime-options. See \u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1633\"\u003e#1633\u003c/a\u003e for details. If you are using Handlebars as documented, you should not be accessing prototype properties\nfrom your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThat is why we only bump the patch version despite mentioning breaking changes.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/wycats/handlebars.js/compare/v4.7.6...v4.7.7\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.6 - April 3rd, 2020\u003c/h2\u003e\n\u003cp\u003eChore/Housekeeping:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/wycats/handlebars.js/issues/1672\"\u003e#1672\u003c/a\u003e - Switch cmd parser to latest minimist (\u003ca href=\"https://api.github.com/users/dougwilson\"\u003e\u003ccode\u003e@​dougwilson\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCompatibility notes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestored Node.js compatibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/dce542c9a660048d31f0981ac8a45c08b919bddb\"\u003e\u003ccode\u003edce542c\u003c/code\u003e\u003c/a\u003e v4.7.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8a41389ba5b2624b6f43a5463d8e2533b843a562\"\u003e\u003ccode\u003e8a41389\u003c/code\u003e\u003c/a\u003e Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2\"\u003e\u003ccode\u003e68d8df5\u003c/code\u003e\u003c/a\u003e Fix security issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/b2a083136b11e1da9f0f47a11f749a9830a49328\"\u003e\u003ccode\u003eb2a0831\u003c/code\u003e\u003c/a\u003e Fix browser tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/9f98c1629834abf8de5a127caff8a2eab03d2c12\"\u003e\u003ccode\u003e9f98c16\u003c/code\u003e\u003c/a\u003e Fix release script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/45443b4290475dfb7cec32a85d344f12ab345eb9\"\u003e\u003ccode\u003e45443b4\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Improve partial indenting performance\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8841a5f6d35096aee95d68e1e49636a4cb5c661e\"\u003e\u003ccode\u003e8841a5f\u003c/code\u003e\u003c/a\u003e Fix CI errors with linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e0137c26f2202593bca7cc25184e733e87d54709\"\u003e\u003ccode\u003ee0137c2\u003c/code\u003e\u003c/a\u003e fix: enable shell mode for spawn to resolve Windows EINVAL issue\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e914d6037ffb0dd371f7e4823cdb019732ae66d7\"\u003e\u003ccode\u003ee914d60\u003c/code\u003e\u003c/a\u003e Improve rendering performance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/7de4b41c344a5d702edca93d1841b59642fa32bd\"\u003e\u003ccode\u003e7de4b41\u003c/code\u003e\u003c/a\u003e Upgrade GitHub Actions checkout and setup-node on 4.x branch\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.0.10...v4.7.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jaylinski\"\u003ejaylinski\u003c/a\u003e, a new releaser for handlebars since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.4 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.4...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `min-document` from 2.19.0 to 2.19.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/0d14150640e4dd159e092eb551b3aca8f3378991\"\u003e\u003ccode\u003e0d14150\u003c/code\u003e\u003c/a\u003e 2.19.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/49c2e0607bece7a041b8935bfb044ce6b65777d8\"\u003e\u003ccode\u003e49c2e06\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Raynos/min-document/issues/56\"\u003e#56\u003c/a\u003e from wasabina67/fix/prototype-pollution-removeAttribut...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/966646172d9063f880aeaf79882edfc3a0ceaca4\"\u003e\u003ccode\u003e9666461\u003c/code\u003e\u003c/a\u003e Fix prototype pollution vulnerability in removeAttributeNS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/4490b40cbb19feb26b09f217690a0969d1a89d51\"\u003e\u003ccode\u003e4490b40\u003c/code\u003e\u003c/a\u003e 2.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/2cd587153733d3346365df6033067f64f07690f5\"\u003e\u003ccode\u003e2cd5871\u003c/code\u003e\u003c/a\u003e update ignore\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/fe32e8da464cef622528725f647029a8fd7d95a6\"\u003e\u003ccode\u003efe32e8d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Raynos/min-document/issues/55\"\u003e#55\u003c/a\u003e from jameswassink/fix/prototype-pollution-removeAttrib...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/6c5f31aa57e2122fcedd4c7eae58b82f477e09f5\"\u003e\u003ccode\u003e6c5f31a\u003c/code\u003e\u003c/a\u003e Better prototype pollution fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/0d4e8192ef723fb869645256102a56ed922efd68\"\u003e\u003ccode\u003e0d4e819\u003c/code\u003e\u003c/a\u003e Fix prototype pollution in removeAttributeNS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/bf7b69130a364b5c6fcb8e623bffe43054994c65\"\u003e\u003ccode\u003ebf7b691\u003c/code\u003e\u003c/a\u003e Update package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/1b5402dcd5df3bf2575e71d463baa44dc2c05571\"\u003e\u003ccode\u003e1b5402d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Raynos/min-document/issues/49\"\u003e#49\u003c/a\u003e from PixnBits/patch-1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Raynos/min-document/compare/v2.19.0...v2.19.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 0.1.7 to 0.1.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.1.13\u003c/h2\u003e\n\u003ch2\u003eImportant\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4867\"\u003eCVE-2026-4867\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-37ch-88jc-xwx2\"\u003eGHSA-37ch-88jc-xwx2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eFix backtracking (again)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImproved backtracking protection for 0.1.x, will break some previously valid paths (see previous advisory: \u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j\"\u003ehttps://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.11...v0.1.12\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.11...v0.1.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eError on bad input\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd error on bad input values  8f09549\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.10...v0.1.11\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.10...v0.1.11\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eBacktrack protection\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to parameters  29b96b4\n\u003cul\u003e\n\u003cli\u003eThis will break some edge cases but should improve performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"h...\n\n_Description has been truncated_","html_url":"https://github.com/lisaross/auth0-react-samples/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/lisaross%2Fauth0-react-samples/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4596863856","node_id":"PR_kwDOQj2LP87jGF7G","number":1,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 16 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-05T12:23:28.000Z","updated_at":"2026-06-05T12:28:13.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":16,"packages":[{"name":"axios","old_version":"0.18.0","new_version":"0.32.0","repository_url":"https://github.com/axios/axios"},{"name":"express","old_version":"4.16.4","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"lodash","old_version":"4.17.11","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"nodemailer","old_version":"4.7.0","new_version":"8.0.5","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"webpack-dev-server","old_version":"3.1.14","new_version":"5.2.4","repository_url":"https://github.com/webpack/webpack-dev-server"},{"name":"base-x","old_version":"3.0.4","new_version":"3.0.11","repository_url":"https://github.com/cryptocoinjs/base-x"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.15","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"handlebars","old_version":"4.0.5","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"on-headers","old_version":"1.0.1","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"pbkdf2","old_version":"3.0.17","new_version":"3.1.6","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"tar-fs","old_version":"1.16.3","new_version":"1.16.6","repository_url":"https://github.com/mafintosh/tar-fs"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 12 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.18.0` | `0.32.0` |\n| [express](https://github.com/expressjs/express) | `4.16.4` | `4.22.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.11` | `4.18.1` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `4.7.0` | `8.0.5` |\n| [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `3.1.14` | `5.2.4` |\n| [base-x](https://github.com/cryptocoinjs/base-x) | `3.0.4` | `3.0.11` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.15` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.0.5` | `4.7.9` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.1` | `1.1.0` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.0.17` | `3.1.6` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `1.16.3` | `1.16.6` |\n\n\nUpdates `axios` from 0.18.0 to 0.32.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.32.0 — May 4, 2026\u003c/h2\u003e\n\u003cp\u003eThis release backports a comprehensive set of security and hardening fixes from the v1.x branch into v0.x, covering prototype-pollution protections, default error redaction, stricter proxy/cookie/socket handling, and one breaking change to merged config and header object prototypes.\u003c/p\u003e\n\u003ch2\u003e⚠️ Breaking Changes \u0026amp; Deprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNull-prototype merged objects: mergeConfig and header merging now return objects with a null prototype to block prototype-pollution gadgets. Consumers must use Object.prototype.hasOwnProperty.call(obj, key) and avoid implicit string coercion against merged config or header objects. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefault error redaction: AxiosError.toJSON() now redacts sensitive keys by default to prevent credential leaks in logs. The behavior is configurable via config.redact, with defaults exposed on defaults.redact. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCookie \u0026amp; XSRF handling: Cookie names are read literally rather than via regex, and only own properties are respected when evaluating withXSRFToken. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProxy bypass IPv6 parity: NO_PROXY matching now handles canonical IPv4-mapped IPv6 forms such as ::ffff:127.0.0.1 and ::ffff:7f00:1. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNode http adapter hardening: Strips Proxy-Authorization when no proxy is in use and gates socketPath behind a new allowedSocketPaths allowlist (string or array, normalized) to reduce accidental Unix socket exposure. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBrowser xhr adapter: Stricter own-property checks when reading config and headers. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eURL parameters: AxiosURLSearchParams keeps %00 encoded and applies consistent encoding throughout. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePublic type surface: Adds formDataHeaderPolicy, redact, and allowedSocketPaths to the TypeScript declarations alongside their runtime defaults. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepo hygiene: Updates README.md and CHANGELOG.md, adds AGENTS.md, and refreshes the issue and PR templates. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.31.1...v0.32.0\"\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.31.1\u003c/h2\u003e\n\u003cp\u003eThis release backports a broad set of security hardenings from the v1 line — covering prototype-pollution defences, stream size enforcement, XSRF handling, URL null-byte encoding, and bounded FormData recursion — and drops committed \u003ccode\u003edist/\u003c/code\u003e artefacts along with Bower support.\u003c/p\u003e\n\u003ch2\u003e⚠️ Breaking Changes \u0026amp; Deprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBower \u0026amp; Committed \u003ccode\u003edist/\u003c/code\u003e Removed:\u003c/strong\u003e \u003ccode\u003edist/\u003c/code\u003e bundles are no longer committed to the repo, and \u003ccode\u003ebower.json\u003c/code\u003e plus the Grunt \u003ccode\u003epackage2bower\u003c/code\u003e task have been removed. CI still builds bundles before publish, so npm/yarn/pnpm consumers are unaffected; installs via Bower or directly from the git tree must migrate to npm or a CDN. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Header Merge (GHSA-6chq-wfr3-2hj9):\u003c/strong\u003e Tightened \u003ccode\u003eisFormData\u003c/code\u003e to reject plain/null-prototype objects and require \u003ccode\u003eappend\u003c/code\u003e, and guarded the Node HTTP adapter so \u003ccode\u003edata.getHeaders()\u003c/code\u003e is only merged when it is not inherited from \u003ccode\u003eObject.prototype\u003c/code\u003e. Blocks injected headers via polluted \u003ccode\u003egetHeaders\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Config Merging (GHSA-pf86-5x62-jrwf):\u003c/strong\u003e \u003ccode\u003emergeConfig\u003c/code\u003e, defaults resolution, and the HTTP adapter now uses own-property checks for \u003ccode\u003etransport\u003c/code\u003e, \u003ccode\u003eenv\u003c/code\u003e, \u003ccode\u003eBlob\u003c/code\u003e, \u003ccode\u003eformSerializer\u003c/code\u003e, and transforms arrays, and merged configs are returned as null-prototype objects. Prevents hijacking of the request flow through polluted prototypes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFormData / Params Recursion DoS:\u003c/strong\u003e Added a configurable \u003ccode\u003emaxDepth\u003c/code\u003e (default \u003ccode\u003e100\u003c/code\u003e, \u003ccode\u003eInfinity\u003c/code\u003e disables) to \u003ccode\u003etoFormData\u003c/code\u003e and params serialisation, throwing \u003ccode\u003eAxiosError\u003c/code\u003e with code \u003ccode\u003eERR_FORM_DATA_DEPTH_EXCEEDED\u003c/code\u003e when exceeded. Circular-reference detection is preserved. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eNull-Byte Injection in Query Strings:\u003c/strong\u003e Removed the unsafe \u003ccode\u003e%00\u003c/code\u003e → null-byte substitution from \u003ccode\u003eAxiosURLSearchParams.encode\u003c/code\u003e so \u003ccode\u003e%00\u003c/code\u003e is preserved as-is. Other encoding behaviour (including \u003ccode\u003e%20\u003c/code\u003e → \u003ccode\u003e+\u003c/code\u003e) unchanged. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eConsolidated v1 Security Backport:\u003c/strong\u003e Rolls up remaining v1 hardenings into \u003ccode\u003ev0.x\u003c/code\u003e: \u003ccode\u003emaxContentLength\u003c/code\u003e enforcement for \u003ccode\u003eresponseType: 'stream'\u003c/code\u003e via a guarded transform with deferred piping, \u003ccode\u003emaxBodyLength\u003c/code\u003e enforcement for streamed uploads on native \u003ccode\u003ehttp\u003c/code\u003e/\u003ccode\u003ehttps\u003c/code\u003e with \u003ccode\u003emaxRedirects: 0\u003c/code\u003e, and stricter \u003ccode\u003ewithXSRFToken\u003c/code\u003e handling so only own boolean \u003ccode\u003etrue\u003c/code\u003e enables cross-origin XSRF headers. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCODEOWNERS:\u003c/strong\u003e Added \u003ccode\u003e.github/CODEOWNERS\u003c/code\u003e with \u003ccode\u003e* @jasonsaayman\u003c/code\u003e to set a default reviewer for all paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.31.0...v0.31.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.31.0\u003c/h2\u003e\n\u003cp\u003eThis release backports security fixes from v1.x, hardens the CI/CD supply chain with OIDC publishing and \u003ccode\u003ezizmor\u003c/code\u003e scanning, resolves TypeScript typing issues in \u003ccode\u003eAxiosInstance\u003c/code\u003e, and fixes a performance regression in \u003ccode\u003eisEmptyObject()\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/8db2d44896849a21ed9721185b1034df24e1ba7b\"\u003e\u003ccode\u003e8db2d44\u003c/code\u003e\u003c/a\u003e chore: bump version to v0.32.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10840\"\u003e#10840\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2af6116a957b1dd1b32056181326da8a5540d3bc\"\u003e\u003ccode\u003e2af6116\u003c/code\u003e\u003c/a\u003e chore: backport fixes from the v1x branch (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a589dc525af12e0fabef7d6e5be028ad433eee31\"\u003e\u003ccode\u003ea589dc5\u003c/code\u003e\u003c/a\u003e chore: bump version to v0.31.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10766\"\u003e#10766\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b0c632f36a5ea2e73c9bdf3a54164a8ede925736\"\u003e\u003ccode\u003eb0c632f\u003c/code\u003e\u003c/a\u003e fix: backport security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b52187f4571b6b8663fed5904e3082ab30660364\"\u003e\u003ccode\u003eb52187f\u003c/code\u003e\u003c/a\u003e fix: harden config merging (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e3ddeb40f6a142a234925341151e2ca631a6de64\"\u003e\u003ccode\u003ee3ddeb4\u003c/code\u003e\u003c/a\u003e fix: header security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f4f2d76e25cc0f777e5416e2d76282ab873ef9dc\"\u003e\u003ccode\u003ef4f2d76\u003c/code\u003e\u003c/a\u003e chore: stop committing dist/ and remove bower (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1f2f64433e5be205d74471c78c2721909282b9c0\"\u003e\u003ccode\u003e1f2f644\u003c/code\u003e\u003c/a\u003e chore: add CODEOWNERS (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44bca902e1bdd7dd6490c7b4985b63e729b0e634\"\u003e\u003ccode\u003e44bca90\u003c/code\u003e\u003c/a\u003e fix: improve regex in AxiosURLSearchParams (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4c4f07fabdb005f5430bab797f12b55e2ed5fb33\"\u003e\u003ccode\u003e4c4f07f\u003c/code\u003e\u003c/a\u003e fix: form data recursion (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.18.0...v0.32.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.16.4 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.16.4...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.11 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.11...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nodemailer` from 4.7.0 to 8.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/releases\"\u003enodemailer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.4...v8.0.5\"\u003e8.0.5\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edecode SMTP server responses as UTF-8 at line boundary (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e95876b1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esanitize CRLF in transport name option to prevent SMTP command injection (GHSA-vvjj-xcjg-gr5g) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e0a43876\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4\"\u003e8.0.4\u003c/a\u003e (2026-03-25)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esanitize envelope size to prevent SMTP command injection (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e2d7b971\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.2...v8.0.3\"\u003e8.0.3\u003c/a\u003e (2026-03-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up addressparser and fix group name fallback producing undefined (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/9d55877f8ed15a6aefd7ba76cbb6b6a6cdbcc4fd\"\u003e9d55877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix cookie bugs, remove dead code, and improve hot-path efficiency (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003ee8c8b92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor smtp-connection for clarity and add Node.js 6 syntax compat test (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c5b48ea61c28eabf347972f4198a12cdab226ff7\"\u003ec5b48ea\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove familySupportCache that broke DNS resolution tests (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003ec803d90\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.1...v8.0.2\"\u003e8.0.2\u003c/a\u003e (2026-03-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emerge fragmented display names with unquoted commas in addressparser (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/fe27f7fd57f7587d897274438da2f628ad0ad7d9\"\u003efe27f7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.0...v8.0.1\"\u003e8.0.1\u003c/a\u003e (2026-02-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/7f8dde41438c66b8311e888fa5f8c518fcaba6f1\"\u003e7f8dde4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/381f628d55e62bb3131bd2a452fa1ce00bc48aea\"\u003e381f628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Gmail Workspace service configuration (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1787\"\u003e#1787\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/dc97ede417b3030b311771541b1f17f5ca76bcbf\"\u003edc97ede\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v7.0.13...v8.0.0\"\u003e8.0.0\u003c/a\u003e (2026-02-04)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md\"\u003enodemailer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.4...v8.0.5\"\u003e8.0.5\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edecode SMTP server responses as UTF-8 at line boundary (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e95876b1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esanitize CRLF in transport name option to prevent SMTP command injection (GHSA-vvjj-xcjg-gr5g) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e0a43876\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4\"\u003e8.0.4\u003c/a\u003e (2026-03-25)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esanitize envelope size to prevent SMTP command injection (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e2d7b971\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.2...v8.0.3\"\u003e8.0.3\u003c/a\u003e (2026-03-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up addressparser and fix group name fallback producing undefined (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/9d55877f8ed15a6aefd7ba76cbb6b6a6cdbcc4fd\"\u003e9d55877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix cookie bugs, remove dead code, and improve hot-path efficiency (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003ee8c8b92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor smtp-connection for clarity and add Node.js 6 syntax compat test (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c5b48ea61c28eabf347972f4198a12cdab226ff7\"\u003ec5b48ea\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove familySupportCache that broke DNS resolution tests (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003ec803d90\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.1...v8.0.2\"\u003e8.0.2\u003c/a\u003e (2026-03-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emerge fragmented display names with unquoted commas in addressparser (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/fe27f7fd57f7587d897274438da2f628ad0ad7d9\"\u003efe27f7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.0...v8.0.1\"\u003e8.0.1\u003c/a\u003e (2026-02-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/7f8dde41438c66b8311e888fa5f8c518fcaba6f1\"\u003e7f8dde4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/381f628d55e62bb3131bd2a452fa1ce00bc48aea\"\u003e381f628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Gmail Workspace service configuration (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1787\"\u003e#1787\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/dc97ede417b3030b311771541b1f17f5ca76bcbf\"\u003edc97ede\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v7.0.13...v8.0.0\"\u003e8.0.0\u003c/a\u003e (2026-02-04)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eError code 'NoAuth' renamed to 'ENOAUTH'\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/202cfb3e14010223204e9ba9f7430176be624f0f\"\u003e\u003ccode\u003e202cfb3\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.5 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1809\"\u003e#1809\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/b634abf05959edcc7207cdaba2c6541f92994cbb\"\u003e\u003ccode\u003eb634abf\u003c/code\u003e\u003c/a\u003e docs: add CLAUDE.md with project conventions and release process\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e\u003ccode\u003e95876b1\u003c/code\u003e\u003c/a\u003e fix: decode SMTP server responses as UTF-8 at line boundary\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e\u003ccode\u003e0a43876\u003c/code\u003e\u003c/a\u003e fix: sanitize CRLF in transport name option to prevent SMTP command injection...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/08e59e64d0f8595fa535f07061787e0946372657\"\u003e\u003ccode\u003e08e59e6\u003c/code\u003e\u003c/a\u003e chore: update dev dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d319753c34d2f0ced24d8eb1d7d866d965f59f4\"\u003e\u003ccode\u003e2d31975\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.4 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1806\"\u003e#1806\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e\u003ccode\u003e2d7b971\u003c/code\u003e\u003c/a\u003e fix: sanitize envelope size to prevent SMTP command injection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/4e702e97650aaff442a7bc040957ba9c53c614b8\"\u003e\u003ccode\u003e4e702e9\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.3 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1804\"\u003e#1804\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003e\u003ccode\u003ec803d90\u003c/code\u003e\u003c/a\u003e fix: remove familySupportCache that broke DNS resolution tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003e\u003ccode\u003ee8c8b92\u003c/code\u003e\u003c/a\u003e fix: fix cookie bugs, remove dead code, and improve hot-path efficiency\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v4.7.0...v8.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for nodemailer since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webpack-dev-server` from 3.1.14 to 5.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack-dev-server/releases\"\u003ewebpack-dev-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.2.4\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.3...v5.2.4\"\u003e5.2.4\u003c/a\u003e (2026-05-11)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eset Cross-Origin-Resource-Policy header to prevent source code theft over HTTP\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.3\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.2...v5.2.3\"\u003e5.2.3\u003c/a\u003e (2026-01-12)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003ecause\u003c/code\u003e for \u003ccode\u003eerrorObject\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5518\"\u003e#5518\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/37b033da2c48335178495a1987c469a26ef3de60\"\u003e37b033d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ecompatibility with event target and universal target and lazy compilation  (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/574026c44b9c51f0bbd2f5a2836c54607289a071\"\u003e574026c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eoverlay:\u003c/strong\u003e add ESC key to dismiss overlay (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5598\"\u003e#5598\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/f91baa8831e061e2998849966b8002b40b83fb07\"\u003ef91baa8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eprogress indicator styles (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5557\"\u003e#5557\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/41a53a1accdb0a90785d82cbe8a079794eeed3c8\"\u003e41a53a1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade selfsigned to v5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.2\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.1...v5.2.2\"\u003e5.2.2\u003c/a\u003e (2025-06-03)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u0026quot;Overlay enabled\u0026quot; false positive (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/18e72ee3e57a6e7598a6c068c0ff7c7bb6a857f1\"\u003e18e72ee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not crush when error is null for runtime errors (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5447\"\u003e#5447\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/309991f947baa0354140b9930a9654ac792e20c4\"\u003e309991f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove unnecessary header \u003ccode\u003eX_TEST\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5451\"\u003e#5451\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/64a6124bf1b4d158bb42a4341dd03121ae3759fa\"\u003e64a6124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erespect the \u003ccode\u003eallowedHosts\u003c/code\u003e option for cross-origin header check (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5510\"\u003e#5510\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/03d12141bf7be09dfb14e91e5c834ee63bd9a9a2\"\u003e03d1214\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.0...v6.0.0\"\u003e5.2.1\u003c/a\u003e (2025-03-26)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecross-origin requests are not allowed unless allowed by \u003ccode\u003eAccess-Control-Allow-Origin\u003c/code\u003e header\u003c/li\u003e\n\u003cli\u003erequests with an IP addresses in the \u003ccode\u003eOrigin\u003c/code\u003e header are not allowed to connect to WebSocket server unless configured by \u003ccode\u003eallowedHosts\u003c/code\u003e or it different from the \u003ccode\u003eHost\u003c/code\u003e header\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThe above changes may make the dev server not work if you relied on such behavior, but unfortunately they carry security risks, so they were considered as fixes.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprevent overlay for errors caught by React error boundaries (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5431\"\u003e#5431\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/8c1abc903ab444d9ce99e567b9a6c603e1ec06be\"\u003e8c1abc9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003etake the first network found instead of the last one, this restores the same behavior as 5.0.4 (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5411\"\u003e#5411\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/ffd0b86b790d372f90e17aea92cfd9def83fee96\"\u003effd0b86\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.1.0...v5.2.0\"\u003e5.2.0\u003c/a\u003e (2024-12-11)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack-dev-server/blob/main/CHANGELOG.md\"\u003ewebpack-dev-server's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.3...v5.2.4\"\u003e5.2.4\u003c/a\u003e (2026-05-11)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eset Cross-Origin-Resource-Policy header to prevent source code theft over HTTP\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.2...v5.2.3\"\u003e5.2.3\u003c/a\u003e (2026-01-12)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003ecause\u003c/code\u003e for \u003ccode\u003eerrorObject\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5518\"\u003e#5518\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/37b033da2c48335178495a1987c469a26ef3de60\"\u003e37b033d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ecompatibility with event target and universal target and lazy compilation  (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/574026c44b9c51f0bbd2f5a2836c54607289a071\"\u003e574026c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eoverlay:\u003c/strong\u003e add ESC key to dismiss overlay (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5598\"\u003e#5598\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/f91baa8831e061e2998849966b8002b40b83fb07\"\u003ef91baa8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eprogress indicator styles (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5557\"\u003e#5557\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/41a53a1accdb0a90785d82cbe8a079794eeed3c8\"\u003e41a53a1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade selfsigned to v5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.1...v5.2.2\"\u003e5.2.2\u003c/a\u003e (2025-06-03)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u0026quot;Overlay enabled\u0026quot; false positive (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/18e72ee3e57a6e7598a6c068c0ff7c7bb6a857f1\"\u003e18e72ee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not crush when error is null for runtime errors (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5447\"\u003e#5447\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/309991f947baa0354140b9930a9654ac792e20c4\"\u003e309991f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove unnecessary header \u003ccode\u003eX_TEST\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5451\"\u003e#5451\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/64a6124bf1b4d158bb42a4341dd03121ae3759fa\"\u003e64a6124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erespect the \u003ccode\u003eallowedHosts\u003c/code\u003e option for cross-origin header check (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5510\"\u003e#5510\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/03d12141bf7be09dfb14e91e5c834ee63bd9a9a2\"\u003e03d1214\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.0...v6.0.0\"\u003e5.2.1\u003c/a\u003e (2025-03-26)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecross-origin requests are not allowed unless allowed by \u003ccode\u003eAccess-Control-Allow-Origin\u003c/code\u003e header\u003c/li\u003e\n\u003cli\u003erequests with an IP addresses in the \u003ccode\u003eOrigin\u003c/code\u003e header are not allowed to connect to WebSocket server unless configured by \u003ccode\u003eallowedHosts\u003c/code\u003e or it different from the \u003ccode\u003eHost\u003c/code\u003e header\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThe above changes may make the dev server not work if you relied on such behavior, but unfortunately they carry security risks, so they were considered as fixes.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprevent overlay for errors caught by React error boundaries (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5431\"\u003e#5431\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/8c1abc903ab444d9ce99e567b9a6c603e1ec06be\"\u003e8c1abc9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003etake the first network found instead of the last one, this restores the same behavior as 5.0.4 (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5411\"\u003e#5411\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/ffd0b86b790d372f90e17aea92cfd9def83fee96\"\u003effd0b86\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.1.0...v5.2.0\"\u003e5.2.0\u003c/a\u003e (2024-12-11)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadded \u003ccode\u003egetClientEntry\u003c/code\u003e and \u003ccode\u003egetClientHotEntry\u003c/code\u003e methods to get clients entries (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/dc642a832d45c23c5c7a08fbf29995e0db7e0d95\"\u003edc642a8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/fd401308f1cc026262880e2dab810004d6444282\"\u003e\u003ccode\u003efd40130\u003c/code\u003e\u003c/a\u003e chore(release): 5.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/ece4f3617bea31fb6d3833f69a32b6c289959a49\"\u003e\u003ccode\u003eece4f36\u003c/code\u003e\u003c/a\u003e chore: update deps (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5661\"\u003e#5661\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/a2161442a314a06a97e25d1404d08410cb4e9c51\"\u003e\u003ccode\u003ea216144\u003c/code\u003e\u003c/a\u003e ci: fix test (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5658\"\u003e#5658\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/df073c53a8cefb54210b43813fa6ee60364a554e\"\u003e\u003ccode\u003edf073c5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/b550a702bd4246d1724513b70de0bfbe6604672f\"\u003e\u003ccode\u003eb550a70\u003c/code\u003e\u003c/a\u003e chore(release): 5.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/9704dc52e3f696ae1446428c25882745e9b65cbb\"\u003e\u003ccode\u003e9704dc5\u003c/code\u003e\u003c/a\u003e chore: upgrade selfsigned to v5 and remove node-forge dependency (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5618\"\u003e#5618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/92bf644784741e8ea5adaa4a1dc26f4d462f223d\"\u003e\u003ccode\u003e92bf644\u003c/code\u003e\u003c/a\u003e chore: bump express to update qs (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5621\"\u003e#5621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/792b2f0bd13a3b93abf701fe3a5cf41ee16722f4\"\u003e\u003ccode\u003e792b2f0\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the dependencies group with 4 updates (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5606\"\u003e#5606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/6d587cab3e023675de2feedf81bcdfcec7d5b774\"\u003e\u003ccode\u003e6d587ca\u003c/code\u003e\u003c/a\u003e chore(deps): bump the dependencies group across 1 directory with 27 updates (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/f91baa8831e061e2998849966b8002b40b83fb07\"\u003e\u003ccode\u003ef91baa8\u003c/code\u003e\u003c/a\u003e fix(overlay): add ESC key to dismiss overlay (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5598\"\u003e#5598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v3.1.14...v5.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `base-x` from 3.0.4 to 3.0.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/043a888a9bae09bc4b40500e37792e2c6398e9f2\"\u003e\u003ccode\u003e043a888\u003c/code\u003e\u003c/a\u003e 3.0.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/2705dddd2565b455641985974b534291d8defb31\"\u003e\u003ccode\u003e2705ddd\u003c/code\u003e\u003c/a\u003e [backport 3.x] Prohibit char codes that would overflow the \u003ccode\u003eBASE_MAP\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/3d43c0e16bfbc045a0a8bb6423e6e336df81b512\"\u003e\u003ccode\u003e3d43c0e\u003c/code\u003e\u003c/a\u003e 3.0.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/0a3544695fa6800649a8b78ed46cece61bcdbbe5\"\u003e\u003ccode\u003e0a35446\u003c/code\u003e\u003c/a\u003e Improve decoding performance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/4c10d3313a5838ce122ca3022823f1b4b153b843\"\u003e\u003ccode\u003e4c10d33\u003c/code\u003e\u003c/a\u003e 3.0.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/c9dcddd5d68c5cb5fb87d3baa4382c596d574602\"\u003e\u003ccode\u003ec9dcddd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/cryptocoinjs/base-x/issues/78\"\u003e#78\u003c/a\u003e from cryptocoinjs/fix/space-alphabets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/6c54632a1bebd60fb79203c65badeec2b4360af3\"\u003e\u003ccode\u003e6c54632\u003c/code\u003e\u003c/a\u003e Fix alphabets with space in them\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/69c09ed8b5cd0ea9853b4420337a5be0540becb5\"\u003e\u003ccode\u003e69c09ed\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/cryptocoinjs/base-x/issues/73\"\u003e#73\u003c/a\u003e from terrierscript/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/1dd37959d559049397b7744ef3c4f1afd047aba9\"\u003e\u003ccode\u003e1dd3795\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/806ef3f473cb6c9a84559811f411b99cbcf93deb\"\u003e\u003ccode\u003e806ef3f\u003c/code\u003e\u003c/a\u003e 3.0.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cryptocoinjs/base-x/compare/v3.0.4...v3.0.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `elliptic` from 6.4.0 to 6.6.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/9b77436a59cc35eccf4ffb848259c8762a492ee7\"\u003e\u003ccode\u003e9b77436\u003c/code\u003e\u003c/a\u003e 6.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/04cb6f54ce552b3ebde6be06d6050419e1c7333e\"\u003e\u003ccode\u003e04cb6f5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/b8a7edd61a0d9bddd0bbf3436a4b476401edbe20\"\u003e\u003ccode\u003eb8a7edd\u003c/code\u003e\u003c/a\u003e 6.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/34c853478cec1be4e37260ed2cb12cdbdc6402cf\"\u003e\u003ccode\u003e34c8534\u003c/code\u003e\u003c/a\u003e fix: signature verification due to leading zeros\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/3e46a48fdd2ef2f89593e5e058d85530578c9761\"\u003e\u003ccode\u003e3e46a48\u003c/code\u003e\u003c/a\u003e 6.5.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/accb61e9c1a005e5c8ff96a8b33893100bb42d11\"\u003e\u003ccode\u003eaccb61e\u003c/code\u003e\u003c/a\u003e lib: DER signature decoding correction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/03e06e135c8e44a2da560fa197d0ba1e1e2759e9\"\u003e\u003ccode\u003e03e06e1\u003c/code\u003e\u003c/a\u003e 6.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/7ac5360118f74eb02da73bdf9f24fd0c72ff5281\"\u003e\u003ccode\u003e7ac5360\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/75700785ff41bb5d029d19186beff26d4883caa5\"\u003e\u003ccode\u003e7570078\u003c/code\u003e\u003c/a\u003e 6.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/206da2ee373e68466cde353f81fb59ef251b740b\"\u003e\u003ccode\u003e206da2e\u003c/code\u003e\u003c/a\u003e lib: lint\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/indutny/elliptic/compare/v6.4.0...v6.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.5.9 to 1.5.10\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/91842752013b26ed780f7b04e557c72f02228cde\"\u003e\u003ccode\u003e9184275\u003c/code\u003e\u003c/a\u003e Release version 1.5.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/988acfa0ff49b17eecf209afd491d6a57cce6893\"\u003e\u003ccode\u003e988acfa\u003c/code\u003e\u003c/a\u003e Update dependencies.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/41f20b99d7f6952ca4faad22724bdda0126e4a46\"\u003e\u003ccode\u003e41f20b9\u003c/code\u003e\u003c/a\u003e Preserve ports when the host option is used.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5b76cf33b824519fb28e60d0ba331d2919358085\"\u003e\u003ccode\u003e5b76cf3\u003c/code\u003e\u003c/a\u003e Test on Node 11.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/d62452b0ca5f8ca33a6191c4980817964b74e480\"\u003e\u003ccode\u003ed62452b\u003c/code\u003e\u003c/a\u003e In Node 11, aborted is a boolean.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/4fbbad5b82a3bbd3cf581f004e42760e44acbfe9\"\u003e\u003ccode\u003e4fbbad5\u003c/code\u003e\u003c/a\u003e Ensure all tests return their promise.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/c01a2b41af9dc234c9df5ecb139e1d15e3080f42\"\u003e\u003ccode\u003ec01a2b4\u003c/code\u003e\u003c/a\u003e Fix typo.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5373becd47e42718346970ee88fe46286f74f8fd\"\u003e\u003ccode\u003e5373bec\u003c/code\u003e\u003c/a\u003e Add downloads badge.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/69a430cc50539af24864d1b125c28147601d6288\"\u003e\u003ccode\u003e69a430c\u003c/code\u003e\u003c/a\u003e Update author and contributors.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5ebe201a804f8b3575f2b4f2d37f5775ba991198\"\u003e\u003ccode\u003e5ebe201\u003c/code\u003e\u003c/a\u003e Update license date.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.5.9...v1.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.0.5 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\"\u003ehttps:...\n\n_Description has been truncated_","html_url":"https://github.com/goodgollyholly/proofofexistence/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/goodgollyholly%2Fproofofexistence/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4593359986","node_id":"PR_kwDOE9b0hM7i6rYi","number":4,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 26 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-05T01:19:06.000Z","updated_at":"2026-06-05T01:19:12.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":26,"packages":[{"name":"axios","old_version":"0.21.1","new_version":"0.32.0","repository_url":"https://github.com/axios/axios"},{"name":"lodash","old_version":"4.17.20","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"@babel/helpers","old_version":"7.12.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.12.1","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"bn.js","old_version":"4.11.9","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"qs","old_version":"6.5.2","new_version":"6.5.5","repository_url":"https://github.com/ljharb/qs"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.15","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"elliptic","old_version":"6.5.3","new_version":"removed","repository_url":"https://github.com/indutny/elliptic"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 10 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.1` | `0.32.0` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.20` | `4.18.1` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.12.5` | `7.29.7` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.12.1` | `7.29.7` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.11.9` | `4.12.3` |\n| [qs](https://github.com/ljharb/qs) | `6.5.2` | `6.5.5` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.15` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [elliptic](https://github.com/indutny/elliptic) | `6.5.3` | `removed` |\n\n\nUpdates `axios` from 0.21.1 to 0.32.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.32.0 — May 4, 2026\u003c/h2\u003e\n\u003cp\u003eThis release backports a comprehensive set of security and hardening fixes from the v1.x branch into v0.x, covering prototype-pollution protections, default error redaction, stricter proxy/cookie/socket handling, and one breaking change to merged config and header object prototypes.\u003c/p\u003e\n\u003ch2\u003e⚠️ Breaking Changes \u0026amp; Deprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNull-prototype merged objects: mergeConfig and header merging now return objects with a null prototype to block prototype-pollution gadgets. Consumers must use Object.prototype.hasOwnProperty.call(obj, key) and avoid implicit string coercion against merged config or header objects. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefault error redaction: AxiosError.toJSON() now redacts sensitive keys by default to prevent credential leaks in logs. The behavior is configurable via config.redact, with defaults exposed on defaults.redact. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCookie \u0026amp; XSRF handling: Cookie names are read literally rather than via regex, and only own properties are respected when evaluating withXSRFToken. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProxy bypass IPv6 parity: NO_PROXY matching now handles canonical IPv4-mapped IPv6 forms such as ::ffff:127.0.0.1 and ::ffff:7f00:1. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNode http adapter hardening: Strips Proxy-Authorization when no proxy is in use and gates socketPath behind a new allowedSocketPaths allowlist (string or array, normalized) to reduce accidental Unix socket exposure. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBrowser xhr adapter: Stricter own-property checks when reading config and headers. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eURL parameters: AxiosURLSearchParams keeps %00 encoded and applies consistent encoding throughout. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePublic type surface: Adds formDataHeaderPolicy, redact, and allowedSocketPaths to the TypeScript declarations alongside their runtime defaults. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepo hygiene: Updates README.md and CHANGELOG.md, adds AGENTS.md, and refreshes the issue and PR templates. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.31.1...v0.32.0\"\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.31.1\u003c/h2\u003e\n\u003cp\u003eThis release backports a broad set of security hardenings from the v1 line — covering prototype-pollution defences, stream size enforcement, XSRF handling, URL null-byte encoding, and bounded FormData recursion — and drops committed \u003ccode\u003edist/\u003c/code\u003e artefacts along with Bower support.\u003c/p\u003e\n\u003ch2\u003e⚠️ Breaking Changes \u0026amp; Deprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBower \u0026amp; Committed \u003ccode\u003edist/\u003c/code\u003e Removed:\u003c/strong\u003e \u003ccode\u003edist/\u003c/code\u003e bundles are no longer committed to the repo, and \u003ccode\u003ebower.json\u003c/code\u003e plus the Grunt \u003ccode\u003epackage2bower\u003c/code\u003e task have been removed. CI still builds bundles before publish, so npm/yarn/pnpm consumers are unaffected; installs via Bower or directly from the git tree must migrate to npm or a CDN. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Header Merge (GHSA-6chq-wfr3-2hj9):\u003c/strong\u003e Tightened \u003ccode\u003eisFormData\u003c/code\u003e to reject plain/null-prototype objects and require \u003ccode\u003eappend\u003c/code\u003e, and guarded the Node HTTP adapter so \u003ccode\u003edata.getHeaders()\u003c/code\u003e is only merged when it is not inherited from \u003ccode\u003eObject.prototype\u003c/code\u003e. Blocks injected headers via polluted \u003ccode\u003egetHeaders\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Config Merging (GHSA-pf86-5x62-jrwf):\u003c/strong\u003e \u003ccode\u003emergeConfig\u003c/code\u003e, defaults resolution, and the HTTP adapter now uses own-property checks for \u003ccode\u003etransport\u003c/code\u003e, \u003ccode\u003eenv\u003c/code\u003e, \u003ccode\u003eBlob\u003c/code\u003e, \u003ccode\u003eformSerializer\u003c/code\u003e, and transforms arrays, and merged configs are returned as null-prototype objects. Prevents hijacking of the request flow through polluted prototypes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFormData / Params Recursion DoS:\u003c/strong\u003e Added a configurable \u003ccode\u003emaxDepth\u003c/code\u003e (default \u003ccode\u003e100\u003c/code\u003e, \u003ccode\u003eInfinity\u003c/code\u003e disables) to \u003ccode\u003etoFormData\u003c/code\u003e and params serialisation, throwing \u003ccode\u003eAxiosError\u003c/code\u003e with code \u003ccode\u003eERR_FORM_DATA_DEPTH_EXCEEDED\u003c/code\u003e when exceeded. Circular-reference detection is preserved. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eNull-Byte Injection in Query Strings:\u003c/strong\u003e Removed the unsafe \u003ccode\u003e%00\u003c/code\u003e → null-byte substitution from \u003ccode\u003eAxiosURLSearchParams.encode\u003c/code\u003e so \u003ccode\u003e%00\u003c/code\u003e is preserved as-is. Other encoding behaviour (including \u003ccode\u003e%20\u003c/code\u003e → \u003ccode\u003e+\u003c/code\u003e) unchanged. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eConsolidated v1 Security Backport:\u003c/strong\u003e Rolls up remaining v1 hardenings into \u003ccode\u003ev0.x\u003c/code\u003e: \u003ccode\u003emaxContentLength\u003c/code\u003e enforcement for \u003ccode\u003eresponseType: 'stream'\u003c/code\u003e via a guarded transform with deferred piping, \u003ccode\u003emaxBodyLength\u003c/code\u003e enforcement for streamed uploads on native \u003ccode\u003ehttp\u003c/code\u003e/\u003ccode\u003ehttps\u003c/code\u003e with \u003ccode\u003emaxRedirects: 0\u003c/code\u003e, and stricter \u003ccode\u003ewithXSRFToken\u003c/code\u003e handling so only own boolean \u003ccode\u003etrue\u003c/code\u003e enables cross-origin XSRF headers. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCODEOWNERS:\u003c/strong\u003e Added \u003ccode\u003e.github/CODEOWNERS\u003c/code\u003e with \u003ccode\u003e* @jasonsaayman\u003c/code\u003e to set a default reviewer for all paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.31.0...v0.31.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.31.0\u003c/h2\u003e\n\u003cp\u003eThis release backports security fixes from v1.x, hardens the CI/CD supply chain with OIDC publishing and \u003ccode\u003ezizmor\u003c/code\u003e scanning, resolves TypeScript typing issues in \u003ccode\u003eAxiosInstance\u003c/code\u003e, and fixes a performance regression in \u003ccode\u003eisEmptyObject()\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/8db2d44896849a21ed9721185b1034df24e1ba7b\"\u003e\u003ccode\u003e8db2d44\u003c/code\u003e\u003c/a\u003e chore: bump version to v0.32.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10840\"\u003e#10840\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2af6116a957b1dd1b32056181326da8a5540d3bc\"\u003e\u003ccode\u003e2af6116\u003c/code\u003e\u003c/a\u003e chore: backport fixes from the v1x branch (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a589dc525af12e0fabef7d6e5be028ad433eee31\"\u003e\u003ccode\u003ea589dc5\u003c/code\u003e\u003c/a\u003e chore: bump version to v0.31.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10766\"\u003e#10766\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b0c632f36a5ea2e73c9bdf3a54164a8ede925736\"\u003e\u003ccode\u003eb0c632f\u003c/code\u003e\u003c/a\u003e fix: backport security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b52187f4571b6b8663fed5904e3082ab30660364\"\u003e\u003ccode\u003eb52187f\u003c/code\u003e\u003c/a\u003e fix: harden config merging (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e3ddeb40f6a142a234925341151e2ca631a6de64\"\u003e\u003ccode\u003ee3ddeb4\u003c/code\u003e\u003c/a\u003e fix: header security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f4f2d76e25cc0f777e5416e2d76282ab873ef9dc\"\u003e\u003ccode\u003ef4f2d76\u003c/code\u003e\u003c/a\u003e chore: stop committing dist/ and remove bower (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1f2f64433e5be205d74471c78c2721909282b9c0\"\u003e\u003ccode\u003e1f2f644\u003c/code\u003e\u003c/a\u003e chore: add CODEOWNERS (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44bca902e1bdd7dd6490c7b4985b63e729b0e634\"\u003e\u003ccode\u003e44bca90\u003c/code\u003e\u003c/a\u003e fix: improve regex in AxiosURLSearchParams (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4c4f07fabdb005f5430bab797f12b55e2ed5fb33\"\u003e\u003ccode\u003e4c4f07f\u003c/code\u003e\u003c/a\u003e fix: form data recursion (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.21.1...v0.32.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.20 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.20...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/helpers` from 7.12.5 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/helpers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c1b55f6ad56523ccc96fa68721de0bed2f2cdb23\"\u003e\u003ccode\u003ec1b55f6\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eeslint.config.mts\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17573\"\u003e#17573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c\"\u003e\u003ccode\u003e18d88b8\u003c/code\u003e\u003c/a\u003e Improve \u003ccode\u003e@​babel/core\u003c/code\u003e typings (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17471\"\u003e#17471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/741cbd2381ac0cda3afd42bc04454a87d9d8762a\"\u003e\u003ccode\u003e741cbd2\u003c/code\u003e\u003c/a\u003e chore: fix various typos across codebase (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17476\"\u003e#17476\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-helpers\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/helpers\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.12.1 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.15.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.11.9 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c4098bac2470418f8e0f6bf11fe0cb676a2b9047\"\u003e\u003ccode\u003ec4098ba\u003c/code\u003e\u003c/a\u003e 4.12.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6277fd705e51edae1c404c65f03ba2e512706945\"\u003e\u003ccode\u003e6277fd7\u003c/code\u003e\u003c/a\u003e backport(4.x): Fix imuln/muln with zero (backport of \u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ac0d4afaae91701815b9edc19789e44e7690d688\"\u003e\u003ccode\u003eac0d4af\u003c/code\u003e\u003c/a\u003e 4.12.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/a5f14b43ec61bc7cafc6de2e7444913b9f581b00\"\u003e\u003ccode\u003ea5f14b4\u003c/code\u003e\u003c/a\u003e Fix serious issue in \u003ccode\u003e.toString(16)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/309\"\u003e#309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/0cd2661b9d08512263c940662586042ef8aaccc6\"\u003e\u003ccode\u003e0cd2661\u003c/code\u003e\u003c/a\u003e Remove package-lock.json added by npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/84ae31344a557abb78ddabe3bac923b7503e4fb5\"\u003e\u003ccode\u003e84ae313\u003c/code\u003e\u003c/a\u003e 4.12.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/967ed0a50a9400bbbd83b450550cf37f7fa178b9\"\u003e\u003ccode\u003e967ed0a\u003c/code\u003e\u003c/a\u003e fix: Buffer not using global in browser (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/260\"\u003e#260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/61962320d7907a1a4d03a665782cb2733160c907\"\u003e\u003ccode\u003e6196232\u003c/code\u003e\u003c/a\u003e Fix LE constructor for HEX (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.11.9...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.5.2 to 6.5.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.5.5\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] fix regressions from robustness refactor\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e to autogenerate an npmignore file\u003c/li\u003e\n\u003cli\u003e[actions] update reusable workflows\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.5.4\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.5.3\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: ignore \u003ccode\u003e__proto__\u003c/code\u003e keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eutils.merge\u003c/code\u003e: avoid a crash with a null target and a truthy non-array source\u003c/li\u003e\n\u003cli\u003e[Fix] correctly parse nested arrays\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: fix a crash with \u003ccode\u003estrictNullHandling\u003c/code\u003e and a custom \u003ccode\u003efilter\u003c/code\u003e/\u003ccode\u003eserializeDate\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/279\"\u003e#279\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eutils\u003c/code\u003e: \u003ccode\u003emerge\u003c/code\u003e: fix crash when \u003ccode\u003esource\u003c/code\u003e is a truthy primitive \u0026amp; no options are provided\u003c/li\u003e\n\u003cli\u003e[Fix] when \u003ccode\u003eparseArrays\u003c/code\u003e is false, properly handle keys ending in \u003ccode\u003e[]\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] fix for an impossible situation: when the formatter is called with a non-string value\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eutils.merge\u003c/code\u003e: avoid a crash with a null target and an array source\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eutils\u003c/code\u003e: reduce observable [[Get]]s\u003c/li\u003e\n\u003cli\u003e[Refactor] use cached \u003ccode\u003eArray.isArray\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003estringify\u003c/code\u003e: Avoid arr = arr.concat(...), push to the existing instance (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/269\"\u003e#269\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: only need to reassign the var once\u003c/li\u003e\n\u003cli\u003e[Robustness] \u003ccode\u003estringify\u003c/code\u003e: avoid relying on a global \u003ccode\u003eundefined\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/427\"\u003e#427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] remove travis badge; add github actions/codecov badges; update URLs\u003c/li\u003e\n\u003cli\u003e[Docs] Clean up license text so it’s properly detected as BSD-3-Clause\u003c/li\u003e\n\u003cli\u003e[Docs] Clarify the need for \u0026quot;arrayLimit\u0026quot; option\u003c/li\u003e\n\u003cli\u003e[meta] fix README.md (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/399\"\u003e#399\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[meta] add FUNDING.yml\u003c/li\u003e\n\u003cli\u003e[actions] backport actions from main\u003c/li\u003e\n\u003cli\u003e[Tests] always use \u003ccode\u003eString(x)\u003c/code\u003e over \u003ccode\u003ex.toString()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] remove nonexistent tape option\u003c/li\u003e\n\u003cli\u003e[Dev Deps] backport from main\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a6d9f8e298703028bbd426a3bc49a1fb6a66363\"\u003e\u003ccode\u003e3a6d9f8\u003c/code\u003e\u003c/a\u003e v6.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/48160e70a97cab102591e55c5c4db19fb102cb54\"\u003e\u003ccode\u003e48160e7\u003c/code\u003e\u003c/a\u003e [actions] update reusable workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/2fc004a6194a49167711f7136678e908b3193eb9\"\u003e\u003ccode\u003e2fc004a\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e to autogenerate an npmignore file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/ddcc5d5ba5109c9c649e15a0ee4b1e4f0e202c55\"\u003e\u003ccode\u003eddcc5d5\u003c/code\u003e\u003c/a\u003e [Fix] fix regressions from robustness refactor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/c19048854aa13688f51208442e84717d7b280aae\"\u003e\u003ccode\u003ec190488\u003c/code\u003e\u003c/a\u003e v6.5.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/40b77c3c8d3b781fdb1e0b36490f6a36bca506b5\"\u003e\u003ccode\u003e40b77c3\u003c/code\u003e\u003c/a\u003e [actions] fix rebase workflow permissions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/6e39e92b969bacfc13aa7d96acc2681e0a8ff613\"\u003e\u003ccode\u003e6e39e92\u003c/code\u003e\u003c/a\u003e [readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/4e393de47a8f469b23bbb1d4bdf2022f2d873f17\"\u003e\u003ccode\u003e4e393de\u003c/code\u003e\u003c/a\u003e [readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/dbb0346103459a2cc3b92219aac7087f826a56c1\"\u003e\u003ccode\u003edbb0346\u003c/code\u003e\u003c/a\u003e [readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/6b8b4d8de3767e11b213152d984265414c23da6e\"\u003e\u003ccode\u003e6b8b4d8\u003c/code\u003e\u003c/a\u003e [Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.5.2...v6.5.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `elliptic`\n\nUpdates `flatted` from 3.1.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.1.1...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.13.1 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.13.1...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 2.3.3 to 3.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add setBoundary method  55d90ce\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/451\"\u003e#451\u003c/a\u003e from arku/patch-1  d702625\u003c/li\u003e\n\u003cli\u003eFix typo: ads -\u0026gt; adds  714ac8b\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.0...v3.0.1\"\u003ehttps://github.com/form-data/form-data/compare/v3.0.0...v3.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.5.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eBuffer.from\u003c/code\u003e and \u003ccode\u003eBuffer.alloc\u003c/code\u003e require node 4+\u003c/li\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDev Improvements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed error in the documentations as indicated in \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/439\"\u003e#439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded remaining combined-stream options to typedef\u003c/li\u003e\n\u003cli\u003eBumped rimraf to 2.7.1 (dev-dep)\u003c/li\u003e\n\u003cli\u003eAdded constructor options to TypeScript defs\u003c/li\u003e\n\u003cli\u003eFixed error in callback signatures\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAdded Types\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded TS types\u003c/li\u003e\n\u003cli\u003eImproved documentation\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAdded getBuffer method\u003c/h2\u003e\n\u003cp\u003eUpdated test builds to support node10 and 12.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.3...v3.0.4\"\u003ev3.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] update linting config \u003ca href=\"https://github.com/form-data/form-data/commit/f5e7eb024bc3fc7e2074ff80f143a4f4cbc1dbda\"\u003e\u003ccode\u003ef5e7eb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/1a78b5dd05e508d67e97764d812ac7c6d92ea88d\"\u003e\u003ccode\u003e1a78b5d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/b22a64ef94ba4f3f6ff7d1ac72a54cca128567df\"\u003e\u003ccode\u003eb22a64e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/11d9f7338f18a59b431832a3562b49baece0a432\"\u003e\u003ccode\u003e11d9f73\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.2...v3.0.3\"\u003ev3.0.3\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eObject.prototype.hasOwnProperty.call\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/7fecefe4ba8f775634aff86a698776ad95ecffb5\"\u003e\u003ccode\u003e7fecefe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e, \u003ccode\u003ecoveralls\u003c/code\u003e, \u003ccode\u003ecross-spawn\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003eformidable\u003c/code\u003e, \u003ccode\u003ein-publish\u003c/code\u003e, \u003ccode\u003epkgfiles\u003c/code\u003e, \u003ccode\u003epre-commit\u003c/code\u003e, \u003ccode\u003epuppeteer\u003c/code\u003e, \u003ccode\u003erequest\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypescript\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/8261fcb8bf5944d30ae3bd04b91b71d6a9932ef4\"\u003e\u003ccode\u003e8261fcb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/form-data/form-data/commit/b82f59093cdbadb4b7ec0922d33ae7ab048b82ff\"\u003e\u003ccode\u003eb82f590\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] pin \u003ccode\u003erequest\u003c/code\u003e which via \u003ccode\u003etough-cookie\u003c/code\u003e ^2.4 depends on \u003ccode\u003epsl\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/e5df7f24383342264bd73dee3274818a40d04065\"\u003e\u003ccode\u003ee5df7f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5a5bafee894fead10da49e1fa2b084e17f2e1034\"\u003e\u003ccode\u003e5a5bafe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.2\"\u003ev3.0.2\u003c/a\u003e - 2024-10-10\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/8fdb3bc6b5d001f8909a9fca391d1d1d97ef1d79\"\u003e\u003ccode\u003e8fdb3bc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] clean up ignores \u003ca href=\"https://github.com/form-data/form-data/commit/3217b3ded8e382e51171d5c74c6038a21cc54440\"\u003e\u003ccode\u003e3217b3d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: move util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e) \u003ca href=\"https://github.com/form-data/form-data/commit/edb555a811f6f7e4668db4831551cf41c1de1cac\"\u003e\u003ccode\u003eedb555a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/form-data/form-data/commits/v3.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck migration guide in \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/docs\"\u003edocs\u003c/a\u003e for details of all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/com...\n\n_Description has been truncated_","html_url":"https://github.com/hassanalimalek/eDukan/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hassanalimalek%2FeDukan/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"},{"uuid":"4553996752","node_id":"PR_kwDOQplPD87g7I7x","number":1,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-30T09:33:36.000Z","updated_at":"2026-05-30T09:34:33.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":19,"packages":[{"name":"ws","old_version":"8.18.3","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"electron","old_version":"17.4.11","new_version":"39.8.5","repository_url":"https://github.com/electron/electron"},{"name":"simple-git","old_version":"1.132.0","new_version":"3.36.0","repository_url":"https://github.com/steveukx/git-js"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.25.9","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"picomatch","old_version":"4.0.3","new_version":"4.0.4","repository_url":"https://github.com/micromatch/picomatch"},{"name":"axios","old_version":"0.26.1","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"braces","old_version":"1.8.5","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"tmp","old_version":"0.2.3","new_version":"0.2.7","repository_url":"https://github.com/raszi/node-tmp"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.6","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"qs","old_version":"6.13.0","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 3 updates in the /test/framework/twilio-video-angular directory: [@angular/common](https://github.com/angular/angular/tree/HEAD/packages/common), [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) and [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core).\nBumps the npm_and_yarn group with 13 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ws](https://github.com/websockets/ws) | `8.18.3` | `8.21.0` |\n| [electron](https://github.com/electron/electron) | `17.4.11` | `39.8.5` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `1.132.0` | `3.36.0` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.25.9` | `7.29.7` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [picomatch](https://github.com/micromatch/picomatch) | `4.0.3` | `4.0.4` |\n| [axios](https://github.com/axios/axios) | `0.26.1` | `1.16.1` |\n| [braces](https://github.com/micromatch/braces) | `1.8.5` | `3.0.3` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [tmp](https://github.com/raszi/node-tmp) | `0.2.3` | `0.2.7` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.6` |\n| [qs](https://github.com/ljharb/qs) | `6.13.0` | `6.15.2` |\n\n\nUpdates `@angular/common` from 4.0.3 to 21.2.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e@​angular/common's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e21.2.15\u003c/h2\u003e\n\u003ch3\u003ecommon\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7f4ac78994bff1576ab33f3ce48f95c17f40b4d8\"\u003e\u003cimg src=\"https://img.shields.io/badge/7f4ac78994-fix-green\" alt=\"fix - 7f4ac78994\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eadd upper bounds for digitsInfo\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/300f61feb3a534bfddf16fcbd240f97b32249699\"\u003e\u003cimg src=\"https://img.shields.io/badge/300f61feb3-fix-green\" alt=\"fix - 300f61feb3\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize placeholder\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0b07f47bd6598ae6bd5b75a375e2c817a3c0f243\"\u003e\u003cimg src=\"https://img.shields.io/badge/0b07f47bd6-fix-green\" alt=\"fix - 0b07f47bd6\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003enormalize tag names with custom namespaces in DomElementSchemaRegistry (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/eb1cbbf2eb5833219a367a61c04eb07aaa36cc29\"\u003e\u003cimg src=\"https://img.shields.io/badge/eb1cbbf2eb-fix-green\" alt=\"fix - eb1cbbf2eb\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent namespaced SVG \u003c!-- raw HTML omitted --\u003e elements from being stripped\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cc1378d54bd93f3882d732261be8e66720eb71b2\"\u003e\u003cimg src=\"https://img.shields.io/badge/cc1378d54b-fix-green\" alt=\"fix - cc1378d54b\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize dynamic href and xlink:href bindings on SVG a elements (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/782e01594e2ad9134c7385dcf3b518101b23ccab\"\u003e\u003cimg src=\"https://img.shields.io/badge/782e01594e-fix-green\" alt=\"fix - 782e01594e\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003estrip namespaced SVG script elements during template compilation (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ff12fe55ace5e861ba261afb4c0480ff3c40a192\"\u003e\u003cimg src=\"https://img.shields.io/badge/ff12fe55ac-fix-green\" alt=\"fix - ff12fe55ac\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003enormalize tag names in runtime i18n attribute security context lookup (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/e6fe77cc97fd10351687416f938bf754aff4eb9f\"\u003e\u003cimg src=\"https://img.shields.io/badge/e6fe77cc97-fix-green\" alt=\"fix - e6fe77cc97\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize meta selectors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/daaf32937fd5c46e411b26f7c082613716fe9550\"\u003e\u003cimg src=\"https://img.shields.io/badge/daaf32937f-fix-green\" alt=\"fix - daaf32937f\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esupport prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/dada86e43d847204f714d1a933084617ab941c0a\"\u003e\u003cimg src=\"https://img.shields.io/badge/dada86e43d-fix-green\" alt=\"fix - dada86e43d\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esynchronize core sanitization schema with compiler (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/582a417bd27fdaf989e5065dbcdf1ad752faf70c\"\u003e\u003cimg src=\"https://img.shields.io/badge/582a417bd2-fix-green\" alt=\"fix - 582a417bd2\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eexclude withCredentials requests from transfer cache\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5c6d6df34bbeff3ce98f3b35875444f925cc8f51\"\u003e\u003cimg src=\"https://img.shields.io/badge/5c6d6df34b-fix-green\" alt=\"fix - 5c6d6df34b\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eskip TransferCache for cookie-bearing requests by default\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eplatform-server\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/37e8aadf87b4facfcaf002a1557f8c393a362d97\"\u003e\u003cimg src=\"https://img.shields.io/badge/37e8aadf87-fix-green\" alt=\"fix - 37e8aadf87\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent SSRF bypasses via backslash URLs in HttpClient\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/72696e244ed7646cca9ab9afc7769a2163943bda\"\u003e\u003cimg src=\"https://img.shields.io/badge/72696e244e-fix-green\" alt=\"fix - 72696e244e\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esecure location and document initialization against SSRF and path hijack\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eservice-worker\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b8bd49341ddcee10d119a9d4aa8e5736e4e5da53\"\u003e\u003cimg src=\"https://img.shields.io/badge/b8bd49341d-fix-green\" alt=\"fix - b8bd49341d\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ePreserves explicit 'credentials: omit' in asset requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ca32fc10001301e6174804f9abcfba62252334f4\"\u003e\u003cimg src=\"https://img.shields.io/badge/ca32fc1000-fix-green\" alt=\"fix - ca32fc1000\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ePreserves HTTP cache mode in asset group requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e21.2.14\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/68282dff9f9ef46540cca4bd38fc1ab739c8a783\"\u003e\u003cimg src=\"https://img.shields.io/badge/68282dff9f-fix-green\" alt=\"fix - 68282dff9f\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003estrip namespaced SVG script elements during template compilation\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/c0f52272ed337d4776bd4178cbbdc7f32037500f\"\u003e\u003cimg src=\"https://img.shields.io/badge/c0f52272ed-fix-green\" alt=\"fix - c0f52272ed\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003edo not insert todo when migrating void \u003ca href=\"https://github.com/Output\"\u003e\u003ccode\u003e@​Output\u003c/code\u003e\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/938a7f3eddda97a39edb9edcc8b4dd970858b3a2\"\u003e\u003cimg src=\"https://img.shields.io/badge/938a7f3edd-fix-green\" alt=\"fix - 938a7f3edd\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003emakes resource URL sanitizer lookup case-insensitive\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0fb272419407a64a0a47096b03a911f4e7e83d79\"\u003e\u003cimg src=\"https://img.shields.io/badge/0fb2724194-fix-green\" alt=\"fix - 0fb2724194\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ereject script element as a dynamic component host\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/49113ac0eff852d987b5acb28a9bbda0242842cd\"\u003e\u003cimg src=\"https://img.shields.io/badge/49113ac0ef-fix-green\" alt=\"fix - 49113ac0ef\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003evisit ICU expressions in signal migration schematics\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003erouter\u003c/h3\u003e\n\u003cp\u003e| Commit | Description |\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e@​angular/common's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e21.2.15 (2026-05-28)\u003c/h1\u003e\n\u003ch3\u003ecommon\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7f4ac78994bff1576ab33f3ce48f95c17f40b4d8\"\u003e7f4ac78994\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eadd upper bounds for digitsInfo\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/300f61feb3a534bfddf16fcbd240f97b32249699\"\u003e300f61feb3\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize placeholder\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0b07f47bd6598ae6bd5b75a375e2c817a3c0f243\"\u003e0b07f47bd6\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003enormalize tag names with custom namespaces in DomElementSchemaRegistry (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/eb1cbbf2eb5833219a367a61c04eb07aaa36cc29\"\u003eeb1cbbf2eb\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent namespaced SVG \u003c!-- raw HTML omitted --\u003e elements from being stripped\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cc1378d54bd93f3882d732261be8e66720eb71b2\"\u003ecc1378d54b\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize dynamic href and xlink:href bindings on SVG a elements (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/782e01594e2ad9134c7385dcf3b518101b23ccab\"\u003e782e01594e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003estrip namespaced SVG script elements during template compilation (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ff12fe55ace5e861ba261afb4c0480ff3c40a192\"\u003eff12fe55ac\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003enormalize tag names in runtime i18n attribute security context lookup (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/e6fe77cc97fd10351687416f938bf754aff4eb9f\"\u003ee6fe77cc97\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize meta selectors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/daaf32937fd5c46e411b26f7c082613716fe9550\"\u003edaaf32937f\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esupport prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/dada86e43d847204f714d1a933084617ab941c0a\"\u003edada86e43d\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esynchronize core sanitization schema with compiler (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/582a417bd27fdaf989e5065dbcdf1ad752faf70c\"\u003e582a417bd2\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eexclude withCredentials requests from transfer cache\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5c6d6df34bbeff3ce98f3b35875444f925cc8f51\"\u003e5c6d6df34b\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eskip TransferCache for cookie-bearing requests by default\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eplatform-server\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/37e8aadf87b4facfcaf002a1557f8c393a362d97\"\u003e37e8aadf87\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent SSRF bypasses via backslash URLs in HttpClient\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/72696e244ed7646cca9ab9afc7769a2163943bda\"\u003e72696e244e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esecure location and document initialization against SSRF and path hijack\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eservice-worker\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b8bd49341ddcee10d119a9d4aa8e5736e4e5da53\"\u003eb8bd49341d\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ePreserves explicit 'credentials: omit' in asset requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ca32fc10001301e6174804f9abcfba62252334f4\"\u003eca32fc1000\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ePreserves HTTP cache mode in asset group requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e19.2.24 (2026-05-28)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/6ea6379123a7b0e191f8b9f66dfb74ca29659a6c\"\u003e6ea6379123\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent namespaced SVG \u003c!-- raw HTML omitted --\u003e elements from being stripped\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e20.3.23 (2026-05-28)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/582a417bd27fdaf989e5065dbcdf1ad752faf70c\"\u003e\u003ccode\u003e582a417\u003c/code\u003e\u003c/a\u003e fix(http): exclude withCredentials requests from transfer cache\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/5c6d6df34bbeff3ce98f3b35875444f925cc8f51\"\u003e\u003ccode\u003e5c6d6df\u003c/code\u003e\u003c/a\u003e fix(http): skip TransferCache for cookie-bearing requests by default\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/300f61feb3a534bfddf16fcbd240f97b32249699\"\u003e\u003ccode\u003e300f61f\u003c/code\u003e\u003c/a\u003e fix(common): sanitize placeholder\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/7f4ac78994bff1576ab33f3ce48f95c17f40b4d8\"\u003e\u003ccode\u003e7f4ac78\u003c/code\u003e\u003c/a\u003e fix(common): add upper bounds for digitsInfo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/30cf85f71c52683016200ecf6d68b4418084ee6e\"\u003e\u003ccode\u003e30cf85f\u003c/code\u003e\u003c/a\u003e refactor(common): update deprecation message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/42d57c35781fb65fc4d44df59b6a85287664216a\"\u003e\u003ccode\u003e42d57c3\u003c/code\u003e\u003c/a\u003e refactor(common): fix viewport tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/10ad3c06923453ae0ec06b06e664ce05900a4ff6\"\u003e\u003ccode\u003e10ad3c0\u003c/code\u003e\u003c/a\u003e fix(common): prevent focus from scrollToAnchor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/540536c386f2c735a700c2c9e2697a88dcb3d4ec\"\u003e\u003ccode\u003e540536c\u003c/code\u003e\u003c/a\u003e fix(http): add CSP nonce support to JsonpClientBackend\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/8102331f82c808ca2256ba51a1d83803a61beabb\"\u003e\u003ccode\u003e8102331\u003c/code\u003e\u003c/a\u003e test(http): disable XSRF and mock location in HttpClient tests to avoid Domin...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/13f050d2204285173273ebbfe9b34bc1b3c63c80\"\u003e\u003ccode\u003e13f050d\u003c/code\u003e\u003c/a\u003e test: construct local \u003ccode\u003eDate\u003c/code\u003e objects to fix timezone flakiness\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/v21.2.15/packages/common\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~google-wombot\"\u003egoogle-wombot\u003c/a\u003e, a new releaser for \u003ccode\u003e@​angular/common\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@angular/compiler` from 4.0.3 to 21.2.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e@​angular/compiler's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e21.2.15\u003c/h2\u003e\n\u003ch3\u003ecommon\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7f4ac78994bff1576ab33f3ce48f95c17f40b4d8\"\u003e\u003cimg src=\"https://img.shields.io/badge/7f4ac78994-fix-green\" alt=\"fix - 7f4ac78994\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eadd upper bounds for digitsInfo\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/300f61feb3a534bfddf16fcbd240f97b32249699\"\u003e\u003cimg src=\"https://img.shields.io/badge/300f61feb3-fix-green\" alt=\"fix - 300f61feb3\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize placeholder\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0b07f47bd6598ae6bd5b75a375e2c817a3c0f243\"\u003e\u003cimg src=\"https://img.shields.io/badge/0b07f47bd6-fix-green\" alt=\"fix - 0b07f47bd6\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003enormalize tag names with custom namespaces in DomElementSchemaRegistry (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/eb1cbbf2eb5833219a367a61c04eb07aaa36cc29\"\u003e\u003cimg src=\"https://img.shields.io/badge/eb1cbbf2eb-fix-green\" alt=\"fix - eb1cbbf2eb\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent namespaced SVG \u003c!-- raw HTML omitted --\u003e elements from being stripped\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cc1378d54bd93f3882d732261be8e66720eb71b2\"\u003e\u003cimg src=\"https://img.shields.io/badge/cc1378d54b-fix-green\" alt=\"fix - cc1378d54b\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize dynamic href and xlink:href bindings on SVG a elements (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/782e01594e2ad9134c7385dcf3b518101b23ccab\"\u003e\u003cimg src=\"https://img.shields.io/badge/782e01594e-fix-green\" alt=\"fix - 782e01594e\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003estrip namespaced SVG script elements during template compilation (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ff12fe55ace5e861ba261afb4c0480ff3c40a192\"\u003e\u003cimg src=\"https://img.shields.io/badge/ff12fe55ac-fix-green\" alt=\"fix - ff12fe55ac\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003enormalize tag names in runtime i18n attribute security context lookup (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/e6fe77cc97fd10351687416f938bf754aff4eb9f\"\u003e\u003cimg src=\"https://img.shields.io/badge/e6fe77cc97-fix-green\" alt=\"fix - e6fe77cc97\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize meta selectors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/daaf32937fd5c46e411b26f7c082613716fe9550\"\u003e\u003cimg src=\"https://img.shields.io/badge/daaf32937f-fix-green\" alt=\"fix - daaf32937f\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esupport prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/dada86e43d847204f714d1a933084617ab941c0a\"\u003e\u003cimg src=\"https://img.shields.io/badge/dada86e43d-fix-green\" alt=\"fix - dada86e43d\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esynchronize core sanitization schema with compiler (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/582a417bd27fdaf989e5065dbcdf1ad752faf70c\"\u003e\u003cimg src=\"https://img.shields.io/badge/582a417bd2-fix-green\" alt=\"fix - 582a417bd2\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eexclude withCredentials requests from transfer cache\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5c6d6df34bbeff3ce98f3b35875444f925cc8f51\"\u003e\u003cimg src=\"https://img.shields.io/badge/5c6d6df34b-fix-green\" alt=\"fix - 5c6d6df34b\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eskip TransferCache for cookie-bearing requests by default\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eplatform-server\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/37e8aadf87b4facfcaf002a1557f8c393a362d97\"\u003e\u003cimg src=\"https://img.shields.io/badge/37e8aadf87-fix-green\" alt=\"fix - 37e8aadf87\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent SSRF bypasses via backslash URLs in HttpClient\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/72696e244ed7646cca9ab9afc7769a2163943bda\"\u003e\u003cimg src=\"https://img.shields.io/badge/72696e244e-fix-green\" alt=\"fix - 72696e244e\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esecure location and document initialization against SSRF and path hijack\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eservice-worker\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b8bd49341ddcee10d119a9d4aa8e5736e4e5da53\"\u003e\u003cimg src=\"https://img.shields.io/badge/b8bd49341d-fix-green\" alt=\"fix - b8bd49341d\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ePreserves explicit 'credentials: omit' in asset requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ca32fc10001301e6174804f9abcfba62252334f4\"\u003e\u003cimg src=\"https://img.shields.io/badge/ca32fc1000-fix-green\" alt=\"fix - ca32fc1000\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ePreserves HTTP cache mode in asset group requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e21.2.14\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/68282dff9f9ef46540cca4bd38fc1ab739c8a783\"\u003e\u003cimg src=\"https://img.shields.io/badge/68282dff9f-fix-green\" alt=\"fix - 68282dff9f\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003estrip namespaced SVG script elements during template compilation\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/c0f52272ed337d4776bd4178cbbdc7f32037500f\"\u003e\u003cimg src=\"https://img.shields.io/badge/c0f52272ed-fix-green\" alt=\"fix - c0f52272ed\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003edo not insert todo when migrating void \u003ca href=\"https://github.com/Output\"\u003e\u003ccode\u003e@​Output\u003c/code\u003e\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/938a7f3eddda97a39edb9edcc8b4dd970858b3a2\"\u003e\u003cimg src=\"https://img.shields.io/badge/938a7f3edd-fix-green\" alt=\"fix - 938a7f3edd\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003emakes resource URL sanitizer lookup case-insensitive\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0fb272419407a64a0a47096b03a911f4e7e83d79\"\u003e\u003cimg src=\"https://img.shields.io/badge/0fb2724194-fix-green\" alt=\"fix - 0fb2724194\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ereject script element as a dynamic component host\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/49113ac0eff852d987b5acb28a9bbda0242842cd\"\u003e\u003cimg src=\"https://img.shields.io/badge/49113ac0ef-fix-green\" alt=\"fix - 49113ac0ef\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003evisit ICU expressions in signal migration schematics\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003erouter\u003c/h3\u003e\n\u003cp\u003e| Commit | Description |\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e@​angular/compiler's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e21.2.15 (2026-05-28)\u003c/h1\u003e\n\u003ch3\u003ecommon\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7f4ac78994bff1576ab33f3ce48f95c17f40b4d8\"\u003e7f4ac78994\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eadd upper bounds for digitsInfo\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/300f61feb3a534bfddf16fcbd240f97b32249699\"\u003e300f61feb3\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize placeholder\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0b07f47bd6598ae6bd5b75a375e2c817a3c0f243\"\u003e0b07f47bd6\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003enormalize tag names with custom namespaces in DomElementSchemaRegistry (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/eb1cbbf2eb5833219a367a61c04eb07aaa36cc29\"\u003eeb1cbbf2eb\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent namespaced SVG \u003c!-- raw HTML omitted --\u003e elements from being stripped\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cc1378d54bd93f3882d732261be8e66720eb71b2\"\u003ecc1378d54b\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize dynamic href and xlink:href bindings on SVG a elements (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/782e01594e2ad9134c7385dcf3b518101b23ccab\"\u003e782e01594e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003estrip namespaced SVG script elements during template compilation (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ff12fe55ace5e861ba261afb4c0480ff3c40a192\"\u003eff12fe55ac\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003enormalize tag names in runtime i18n attribute security context lookup (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/e6fe77cc97fd10351687416f938bf754aff4eb9f\"\u003ee6fe77cc97\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize meta selectors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/daaf32937fd5c46e411b26f7c082613716fe9550\"\u003edaaf32937f\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esupport prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/dada86e43d847204f714d1a933084617ab941c0a\"\u003edada86e43d\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esynchronize core sanitization schema with compiler (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/582a417bd27fdaf989e5065dbcdf1ad752faf70c\"\u003e582a417bd2\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eexclude withCredentials requests from transfer cache\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5c6d6df34bbeff3ce98f3b35875444f925cc8f51\"\u003e5c6d6df34b\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eskip TransferCache for cookie-bearing requests by default\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eplatform-server\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/37e8aadf87b4facfcaf002a1557f8c393a362d97\"\u003e37e8aadf87\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent SSRF bypasses via backslash URLs in HttpClient\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/72696e244ed7646cca9ab9afc7769a2163943bda\"\u003e72696e244e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esecure location and document initialization against SSRF and path hijack\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eservice-worker\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b8bd49341ddcee10d119a9d4aa8e5736e4e5da53\"\u003eb8bd49341d\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ePreserves explicit 'credentials: omit' in asset requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ca32fc10001301e6174804f9abcfba62252334f4\"\u003eca32fc1000\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ePreserves HTTP cache mode in asset group requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e19.2.24 (2026-05-28)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/6ea6379123a7b0e191f8b9f66dfb74ca29659a6c\"\u003e6ea6379123\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent namespaced SVG \u003c!-- raw HTML omitted --\u003e elements from being stripped\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e20.3.23 (2026-05-28)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/eb1cbbf2eb5833219a367a61c04eb07aaa36cc29\"\u003e\u003ccode\u003eeb1cbbf\u003c/code\u003e\u003c/a\u003e fix(compiler): prevent namespaced SVG \u0026lt;style\u0026gt; elements from being stripped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/29ceeffd40a2250eb51ac34af22d49e85b878922\"\u003e\u003ccode\u003e29ceeff\u003c/code\u003e\u003c/a\u003e docs: fix typos in source code comments\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/782e01594e2ad9134c7385dcf3b518101b23ccab\"\u003e\u003ccode\u003e782e015\u003c/code\u003e\u003c/a\u003e fix(compiler): strip namespaced SVG script elements during template compilati...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/ff12fe55ace5e861ba261afb4c0480ff3c40a192\"\u003e\u003ccode\u003eff12fe5\u003c/code\u003e\u003c/a\u003e fix(core): normalize tag names in runtime i18n attribute security context loo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/0b07f47bd6598ae6bd5b75a375e2c817a3c0f243\"\u003e\u003ccode\u003e0b07f47\u003c/code\u003e\u003c/a\u003e fix(compiler): normalize tag names with custom namespaces in DomElementSchema...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/cc1378d54bd93f3882d732261be8e66720eb71b2\"\u003e\u003ccode\u003ecc1378d\u003c/code\u003e\u003c/a\u003e fix(compiler): sanitize dynamic href and xlink:href bindings on SVG a element...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/daaf32937fd5c46e411b26f7c082613716fe9550\"\u003e\u003ccode\u003edaaf329\u003c/code\u003e\u003c/a\u003e fix(core): support prefix-insensitive DOM schema lookups and compile-time i18...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/68282dff9f9ef46540cca4bd38fc1ab739c8a783\"\u003e\u003ccode\u003e68282df\u003c/code\u003e\u003c/a\u003e fix(compiler): strip namespaced SVG script elements during template compilation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/6652ec0115b20a6f8721137769afac30cd70f9a6\"\u003e\u003ccode\u003e6652ec0\u003c/code\u003e\u003c/a\u003e refactor(core): align namespaced attribute validation and security schema con...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/baf92da96ed73a0f4748edf05d3c0702cab219da\"\u003e\u003ccode\u003ebaf92da\u003c/code\u003e\u003c/a\u003e test: remove invalid css that was causing issues with the postcss parser\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/v21.2.15/packages/compiler\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~google-wombot\"\u003egoogle-wombot\u003c/a\u003e, a new releaser for \u003ccode\u003e@​angular/compiler\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@angular/core` from 4.0.3 to 21.2.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e@​angular/core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e21.2.15\u003c/h2\u003e\n\u003ch3\u003ecommon\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7f4ac78994bff1576ab33f3ce48f95c17f40b4d8\"\u003e\u003cimg src=\"https://img.shields.io/badge/7f4ac78994-fix-green\" alt=\"fix - 7f4ac78994\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eadd upper bounds for digitsInfo\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/300f61feb3a534bfddf16fcbd240f97b32249699\"\u003e\u003cimg src=\"https://img.shields.io/badge/300f61feb3-fix-green\" alt=\"fix - 300f61feb3\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize placeholder\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0b07f47bd6598ae6bd5b75a375e2c817a3c0f243\"\u003e\u003cimg src=\"https://img.shields.io/badge/0b07f47bd6-fix-green\" alt=\"fix - 0b07f47bd6\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003enormalize tag names with custom namespaces in DomElementSchemaRegistry (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/eb1cbbf2eb5833219a367a61c04eb07aaa36cc29\"\u003e\u003cimg src=\"https://img.shields.io/badge/eb1cbbf2eb-fix-green\" alt=\"fix - eb1cbbf2eb\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent namespaced SVG \u003c!-- raw HTML omitted --\u003e elements from being stripped\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cc1378d54bd93f3882d732261be8e66720eb71b2\"\u003e\u003cimg src=\"https://img.shields.io/badge/cc1378d54b-fix-green\" alt=\"fix - cc1378d54b\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize dynamic href and xlink:href bindings on SVG a elements (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/782e01594e2ad9134c7385dcf3b518101b23ccab\"\u003e\u003cimg src=\"https://img.shields.io/badge/782e01594e-fix-green\" alt=\"fix - 782e01594e\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003estrip namespaced SVG script elements during template compilation (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ff12fe55ace5e861ba261afb4c0480ff3c40a192\"\u003e\u003cimg src=\"https://img.shields.io/badge/ff12fe55ac-fix-green\" alt=\"fix - ff12fe55ac\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003enormalize tag names in runtime i18n attribute security context lookup (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/e6fe77cc97fd10351687416f938bf754aff4eb9f\"\u003e\u003cimg src=\"https://img.shields.io/badge/e6fe77cc97-fix-green\" alt=\"fix - e6fe77cc97\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize meta selectors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/daaf32937fd5c46e411b26f7c082613716fe9550\"\u003e\u003cimg src=\"https://img.shields.io/badge/daaf32937f-fix-green\" alt=\"fix - daaf32937f\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esupport prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/dada86e43d847204f714d1a933084617ab941c0a\"\u003e\u003cimg src=\"https://img.shields.io/badge/dada86e43d-fix-green\" alt=\"fix - dada86e43d\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esynchronize core sanitization schema with compiler (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/582a417bd27fdaf989e5065dbcdf1ad752faf70c\"\u003e\u003cimg src=\"https://img.shields.io/badge/582a417bd2-fix-green\" alt=\"fix - 582a417bd2\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eexclude withCredentials requests from transfer cache\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5c6d6df34bbeff3ce98f3b35875444f925cc8f51\"\u003e\u003cimg src=\"https://img.shields.io/badge/5c6d6df34b-fix-green\" alt=\"fix - 5c6d6df34b\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eskip TransferCache for cookie-bearing requests by default\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eplatform-server\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/37e8aadf87b4facfcaf002a1557f8c393a362d97\"\u003e\u003cimg src=\"https://img.shields.io/badge/37e8aadf87-fix-green\" alt=\"fix - 37e8aadf87\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent SSRF bypasses via backslash URLs in HttpClient\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/72696e244ed7646cca9ab9afc7769a2163943bda\"\u003e\u003cimg src=\"https://img.shields.io/badge/72696e244e-fix-green\" alt=\"fix - 72696e244e\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esecure location and document initialization against SSRF and path hijack\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eservice-worker\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b8bd49341ddcee10d119a9d4aa8e5736e4e5da53\"\u003e\u003cimg src=\"https://img.shields.io/badge/b8bd49341d-fix-green\" alt=\"fix - b8bd49341d\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ePreserves explicit 'credentials: omit' in asset requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ca32fc10001301e6174804f9abcfba62252334f4\"\u003e\u003cimg src=\"https://img.shields.io/badge/ca32fc1000-fix-green\" alt=\"fix - ca32fc1000\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ePreserves HTTP cache mode in asset group requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e21.2.14\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/68282dff9f9ef46540cca4bd38fc1ab739c8a783\"\u003e\u003cimg src=\"https://img.shields.io/badge/68282dff9f-fix-green\" alt=\"fix - 68282dff9f\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003estrip namespaced SVG script elements during template compilation\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/c0f52272ed337d4776bd4178cbbdc7f32037500f\"\u003e\u003cimg src=\"https://img.shields.io/badge/c0f52272ed-fix-green\" alt=\"fix - c0f52272ed\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003edo not insert todo when migrating void \u003ca href=\"https://github.com/Output\"\u003e\u003ccode\u003e@​Output\u003c/code\u003e\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/938a7f3eddda97a39edb9edcc8b4dd970858b3a2\"\u003e\u003cimg src=\"https://img.shields.io/badge/938a7f3edd-fix-green\" alt=\"fix - 938a7f3edd\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003emakes resource URL sanitizer lookup case-insensitive\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0fb272419407a64a0a47096b03a911f4e7e83d79\"\u003e\u003cimg src=\"https://img.shields.io/badge/0fb2724194-fix-green\" alt=\"fix - 0fb2724194\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ereject script element as a dynamic component host\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/49113ac0eff852d987b5acb28a9bbda0242842cd\"\u003e\u003cimg src=\"https://img.shields.io/badge/49113ac0ef-fix-green\" alt=\"fix - 49113ac0ef\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003evisit ICU expressions in signal migration schematics\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003erouter\u003c/h3\u003e\n\u003cp\u003e| Commit | Description |\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e@​angular/core's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e21.2.15 (2026-05-28)\u003c/h1\u003e\n\u003ch3\u003ecommon\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7f4ac78994bff1576ab33f3ce48f95c17f40b4d8\"\u003e7f4ac78994\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eadd upper bounds for digitsInfo\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/300f61feb3a534bfddf16fcbd240f97b32249699\"\u003e300f61feb3\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize placeholder\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0b07f47bd6598ae6bd5b75a375e2c817a3c0f243\"\u003e0b07f47bd6\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003enormalize tag names with custom namespaces in DomElementSchemaRegistry (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/eb1cbbf2eb5833219a367a61c04eb07aaa36cc29\"\u003eeb1cbbf2eb\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent namespaced SVG \u003c!-- raw HTML omitted --\u003e elements from being stripped\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cc1378d54bd93f3882d732261be8e66720eb71b2\"\u003ecc1378d54b\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize dynamic href and xlink:href bindings on SVG a elements (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/782e01594e2ad9134c7385dcf3b518101b23ccab\"\u003e782e01594e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003estrip namespaced SVG script elements during template compilation (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ff12fe55ace5e861ba261afb4c0480ff3c40a192\"\u003eff12fe55ac\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003enormalize tag names in runtime i18n attribute security context lookup (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/e6fe77cc97fd10351687416f938bf754aff4eb9f\"\u003ee6fe77cc97\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize meta selectors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/daaf32937fd5c46e411b26f7c082613716fe9550\"\u003edaaf32937f\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esupport prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/dada86e43d847204f714d1a933084617ab941c0a\"\u003edada86e43d\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esynchronize core sanitization schema with compiler (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/582a417bd27fdaf989e5065dbcdf1ad752faf70c\"\u003e582a417bd2\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eexclude withCredentials requests from transfer cache\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5c6d6df34bbeff3ce98f3b35875444f925cc8f51\"\u003e5c6d6df34b\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eskip TransferCache for cookie-bearing requests by default\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eplatform-server\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/37e8aadf87b4facfcaf002a1557f8c393a362d97\"\u003e37e8aadf87\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent SSRF bypasses via backslash URLs in HttpClient\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/72696e244ed7646cca9ab9afc7769a2163943bda\"\u003e72696e244e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esecure location and document initialization against SSRF and path hijack\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eservice-worker\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b8bd49341ddcee10d119a9d4aa8e5736e4e5da53\"\u003eb8bd49341d\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ePreserves explicit 'credentials: omit' in asset requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ca32fc10001301e6174804f9abcfba62252334f4\"\u003eca32fc1000\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ePreserves HTTP cache mode in asset group requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e19.2.24 (2026-05-28)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/6ea6379123a7b0e191f8b9f66dfb74ca29659a6c\"\u003e6ea6379123\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent namespaced SVG \u003c!-- raw HTML omitted --\u003e elements from being stripped\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e20.3.23 (2026-05-28)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/29ceeffd40a2250eb51ac34af22d49e85b878922\"\u003e\u003ccode\u003e29ceeff\u003c/code\u003e\u003c/a\u003e docs: fix typos in source code comments\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/251c8f27409e05b540bf9a27ab90c8c0c7efdbca\"\u003e\u003ccode\u003e251c8f2\u003c/code\u003e\u003c/a\u003e test(core): remove obsolete SVG script sanitization translation test (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/dada86e43d847204f714d1a933084617ab941c0a\"\u003e\u003ccode\u003edada86e\u003c/code\u003e\u003c/a\u003e fix(core): synchronize core sanitization schema with compiler (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/782e01594e2ad9134c7385dcf3b518101b23ccab\"\u003e\u003ccode\u003e782e015\u003c/code\u003e\u003c/a\u003e fix(compiler): strip namespaced SVG script elements during template compilati...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/ff12fe55ace5e861ba261afb4c0480ff3c40a192\"\u003e\u003ccode\u003eff12fe5\u003c/code\u003e\u003c/a\u003e fix(core): normalize tag names in runtime i18n attribute security context loo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/0b07f47bd6598ae6bd5b75a375e2c817a3c0f243\"\u003e\u003ccode\u003e0b07f47\u003c/code\u003e\u003c/a\u003e fix(compiler): normalize tag names with custom namespaces in DomElementSchema...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/cc1378d54bd93f3882d732261be8e66720eb71b2\"\u003e\u003ccode\u003ecc1378d\u003c/code\u003e\u003c/a\u003e fix(compiler): sanitize dynamic href and xlink:href bindings on SVG a element...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/daaf32937fd5c46e411b26f7c082613716fe9550\"\u003e\u003ccode\u003edaaf329\u003c/code\u003e\u003c/a\u003e fix(core): support prefix-insensitive DOM schema lookups and compile-time i18...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/1d6e71dd788ebda5d9bb9d3c560cc27bb503f44b\"\u003e\u003ccode\u003e1d6e71d\u003c/code\u003e\u003c/a\u003e docs: clarify ngDoCheck invocation behavior with OnPush strategy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/49113ac0eff852d987b5acb28a9bbda0242842cd\"\u003e\u003ccode\u003e49113ac\u003c/code\u003e\u003c/a\u003e fix(core): visit ICU expressions in signal migration schematics\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/v21.2.15/packages/core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~google-wombot\"\u003egoogle-wombot\u003c/a\u003e, a new releaser for \u003ccode\u003e@​angular/core\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.18.3 to 8.21.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.21.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduced the \u003ccode\u003emaxBufferedChunks\u003c/code\u003e and \u003ccode\u003emaxFragments\u003c/code\u003e options (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a remote memory exhaustion DoS vulnerability (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eA high volume of tiny fragments and data chunks could be sent by a peer, using\nmodest network traffic, to crash a \u003ccode\u003ews\u003c/code\u003e server or client due to OOM.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer({ port: 0 }, function () {\nconst data = Buffer.alloc(1);\nconst options = { fin: false };\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e);\u003c/p\u003e\n\u003cp\u003ews.on('open', function () {\n(function send() {\nws.send(data, options, function (err) {\nif (err) return;\nsend();\n});\n})();\n});\u003c/p\u003e\n\u003cp\u003ews.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eclient close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eserver close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe vulnerability was responsibly disclosed and fixed by \u003ca href=\"https://github.com/Nadav0077\"\u003eNadav Magier\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eIn vulnerable versions, the issue can be mitigated by lowering the value of the\n\u003ccode\u003emaxPayload\u003c/code\u003e option if possible.\u003c/p\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/bca91adf15677e47dbe4f959653452727be28b94\"\u003e\u003ccode\u003ebca91ad\u003c/code\u003e\u003c/a\u003e [dist] 8.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/2b2abd458a1b647d0b6033bd62a619c36189839a\"\u003e\u003ccode\u003e2b2abd4\u003c/code\u003e\u003c/a\u003e [security] Limit retained message parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/78eabe2a6677b231bf9c82601bde86ff91639490\"\u003e\u003ccode\u003e78eabe2\u003c/code\u003e\u003c/a\u003e [security] Add latest vulnerability to SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/843925544e2f4cffe445e0179947f56d6c5b608f\"\u003e\u003ccode\u003e8439255\u003c/code\u003e\u003c/a\u003e [dist] 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d3503c1fd36a310985108f62b343bae18346ab67\"\u003e\u003ccode\u003ed3503c1\u003c/code\u003e\u003c/a\u003e [minor] Export the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and header utils\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.18.3...8.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `electron` from 17.4.11 to 39.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/electron/electron/releases\"\u003eelectron's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eelectron v39.8.5\u003c/h2\u003e\n\u003ch1\u003eRelease Notes for v39.8.5\u003c/h1\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a crash in \u003ccode\u003eclipboard.readImage()\u003c/code\u003e when the clipboard contains malformed image data. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50493\"\u003e#50493\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50491\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50492\"\u003e41\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50494\"\u003e42\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eFixed a crash when calling an offscreen shared texture's \u003ccode\u003erelease()\u003c/code\u003e after the texture object was garbage collected. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50499\"\u003e#50499\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50500\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50501\"\u003e41\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50502\"\u003e42\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eelectron v39.8.4\u003c/h2\u003e\n\u003ch1\u003eRelease Notes for v39.8.4\u003c/h1\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where \u003ccode\u003enodeIntegrationInWorker\u003c/code\u003e overrides in \u003ccode\u003esetWindowOpenHandler\u003c/code\u003e were not honored for child windows sharing a renderer process with their opener. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50468\"\u003e#50468\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50163\"\u003e38\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50467\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50134\"\u003e41\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eFixed crash when handling JavaScript dialogs from windows opened with invalid or empty URLs. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50400\"\u003e#50400\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50401\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50399\"\u003e41\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50398\"\u003e42\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eFixed improper focus tracking in BaseWindow on MacOS. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50338\"\u003e#50338\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50337\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50340\"\u003e41\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50339\"\u003e42\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eFixed window freeze when failing to enter/exit fullscreen on macOS. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50341\"\u003e#50341\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50344\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50343\"\u003e41\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50342\"\u003e42\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for using a proxy during yarn install. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50349\"\u003e#50349\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50352\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50350\"\u003e41\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50351\"\u003e42\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eBackported fix for 485935305. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50440\"\u003e#50440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackported fix for 489381399. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50443\"\u003e#50443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackported fix for chromium:475877320. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50436\"\u003e#50436\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackported fixes for 484751092, 487117772. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50461\"\u003e#50461\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eelectron v39.8.3\u003c/h2\u003e\n\u003ch1\u003eRelease Notes for v39.8.3\u003c/h1\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded additional ASAR support to additional \u003ccode\u003efs\u003c/code\u003e copy methods. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50284\"\u003e#50284\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50287\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50286\"\u003e41\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50285\"\u003e42\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eFixed user resizing of transparent windows on win32 platform. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50300\"\u003e#50300\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50301\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50298\"\u003e41\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50299\"\u003e42\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eelectron v39.8.2\u003c/h2\u003e\n\u003ch1\u003eRelease Notes for v39.8.2\u003c/h1\u003e\n\u003ch2\u003eOther Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackported fix for b/491421267. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50230\"\u003e#50230\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eelectron v39.8.1\u003c/h2\u003e\n\u003ch1\u003eRelease Notes for v39.8.1\u003c/h1\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded validation to protocol client methods to reject protocol names that do not conform to the RFC 3986 URI scheme grammar. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50156\"\u003e#50156\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50157\"\u003e38\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50158\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50155\"\u003e41\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue on macOS where calling \u003ccode\u003eautoUpdater.quitAndInstall()\u003c/code\u003e could fail if \u003ccode\u003echeckForUpdates()\u003c/code\u003e was called again after an update was already downloaded. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50215\"\u003e#50215\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50216\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50217\"\u003e41\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue where Chrome Devtools menus may not appear in certain embedded windows. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50136\"\u003e#50136\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50138\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50137\"\u003e41\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue where \u003ccode\u003eadditionalData\u003c/code\u003e passed to \u003ccode\u003eapp.requestSingleInstanceLock\u003c/code\u003e on Windows could be truncated or fail to deserialize in the primary instance's \u003ccode\u003esecond-instance\u003c/code\u003e event. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50174\"\u003e#50174\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50177\"\u003e38\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50162\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50154\"\u003e41\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue where \u003ccode\u003escreen.getCursorScreenPoint()\u003c/code\u003e crashed on Wayland when it was called before a \u003ccode\u003eBrowserWindow\u003c/code\u003e had been created. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50106\"\u003e#50106\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50104\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50105\"\u003e41\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/9d2f8cb4da0d35e2daf7e7f60e35313b508cb224\"\u003e\u003ccode\u003e9d2f8cb\u003c/code\u003e\u003c/a\u003e refactor: remove dead named-window lookup from guest-window-manager (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50498\"\u003e#50498\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/11730047394233e70743c52567e17f4c3b2dc9fc\"\u003e\u003ccode\u003e1173004\u003c/code\u003e\u003c/a\u003e fix: crash calling OSR shared texture release() after texture GC'd (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50499\"\u003e#50499\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/be37adefd08f882e3f1fb8403d2d9e92c3009d56\"\u003e\u003ccode\u003ebe37ade\u003c/code\u003e\u003c/a\u003e fix: crash in clipboard.readImage() on malformed image data (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50493\"\u003e#50493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/7007907df08d02da98f513dcbdb430ab51be59c7\"\u003e\u003ccode\u003e7007907\u003c/code\u003e\u003c/a\u003e chore: cherry-pick 3 changes from chromium (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50461\"\u003e#50461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/2c8b6ee0c0a7c26871dc0b320982afd8ed29df6c\"\u003e\u003ccode\u003e2c8b6ee\u003c/code\u003e\u003c/a\u003e chore: cherry-pick fbfb27470bf6 from chromium (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50436\"\u003e#50436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/4c64377ead6b53bc565d7793a2712e49882e5354\"\u003e\u003ccode\u003e4c64377\u003c/code\u003e\u003c/a\u003e chore: cherry-pick 50b057660b4d from chromium (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50440\"\u003e#50440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/0ef056130cde0c19c81ccfbc2932df6911765849\"\u003e\u003ccode\u003e0ef0561\u003c/code\u003e\u003c/a\u003e fix: read nodeIntegrationInWorker from per-frame WebPreferences (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50122\"\u003e#50122\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50\"\u003e#50\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/64373df3ca697bc6fe6e3ab1f463ba05beaf64cf\"\u003e\u003ccode\u003e64373df\u003c/code\u003e\u003c/a\u003e chore: cherry-pick 074d472db745 from chromium (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50443\"\u003e#50443\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/13e44072be367f516cfad36f95d183765174f4bf\"\u003e\u003ccode\u003e13e4407\u003c/code\u003e\u003c/a\u003e fix: don't re-parse URL unnecessarily when handling dialogs (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50400\"\u003e#50400\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/16a038502a4ea0c79976be60bcc8f28a49f1ab99\"\u003e\u003ccode\u003e16a0385\u003c/code\u003e\u003c/a\u003e ci: output build cache hit rate as GHA annotation (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50369\"\u003e#50369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/electron/electron/compare/v17.4.11...v39.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `simple-git` from 1.132.0 to 3.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/releases\"\u003esimple-git's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esimple-git@3.36.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e89a2294: Extend known exploitable configuration keys and per-task environment variables.\u003c/p\u003e\n\u003cp\u003eNote - \u003ccode\u003eParsedVulnerabilities\u003c/code\u003e from \u003ccode\u003eargv-parser\u003c/code\u003e is removed in favour of a readonly array of \u003ccode\u003eVulnerability\u003c/code\u003e to match usage in \u003ccode\u003esimple-git\u003c/code\u003e, rolled into the new \u003ccode\u003evulnerabilityCheck\u003c/code\u003e for simpler access to the identified issues.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/zebbern\"\u003e\u003ccode\u003e@​zebbern\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003ecore.fsmonitor\u003c/code\u003e.\nThanks to \u003ca href=\"https://github.com/kodareef5\"\u003e\u003ccode\u003e@​kodareef5\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003eGIT_CONFIG_COUNT\u003c/code\u003e environment variables and \u003ccode\u003e--template\u003c/code\u003e / \u003ccode\u003emerge\u003c/code\u003e related config.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1ad57e8: Remove conflicting node:buffer import\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [89a2294]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [675570a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.35.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0cf9d8c: Improvements for mono-repo publishing pipeline\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0cf9d8c]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.35.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0de400e: Update monorepo version handling during publish\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0de400e]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.33.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea263635: Use \u003ccode\u003epathspec\u003c/code\u003e wrappers for remote and local paths when running either \u003ccode\u003egit.clone\u003c/code\u003e or \u003ccode\u003egit.mirror\u003c/code\u003e to\navoid leaving them less open for unexpected outcomes when passing unsanitised data into these tasks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ee253a0d: Enhanced \u003ccode\u003egit -c\u003c/code\u003e checks in \u003ccode\u003eunsafe\u003c/code\u003e plugin.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JohannesLks\"\u003e\u003ccode\u003e@​JohannesLks\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ef704208: Enhanced \u003ccode\u003eprotocol.allow\u003c/code\u003e checks in \u003ccode\u003eallowUnsafeExtProtocol\u003c/code\u003e handling.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSour...\n\n_Description has been truncated_\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nRefresh dependencies in the root and `test/framework/twilio-video-angular` to pick up security fixes and modern APIs. Major upgrades include `electron` 39 and Angular 21.\n\n- **Dependencies**\n  - Root: `electron` → `39.8.5`, `simple-git` → `3.36.0`, `twilio` → `6.0.2`, `inquirer` → `14.0.1`, `vinyl-fs` → `4.0.2`.\n  - Security: `ws` → `8.21.0` (DoS fix), `axios` → `1.x` (indirect), plus minor patches.\n  - Test fixture: `@angular/common`, `@angular/compiler`, `@angular/core` → `21.2.15`.\n\n- **Migration**\n  - Electron: v39 is a major jump from v17. Review breaking changes and retest build/startup.\n  - Angular test app: align all `@angular/*` packages to the same major (v21) and run migrations; Angular 21 requires recent TypeScript and RxJS.\n\n\u003csup\u003eWritten for commit 0665657f26fffa205b53142f36eea084b3d46a89. Summary will update on new commits.\u003c/sup\u003e\n\n\u003ca href=\"https://cubic.dev/pr/EmilynnJ/twilio-video.js/pull/1?utm_source=github\" target=\"_blank\" rel=\"noopener noreferrer\" data-no-image-dialog=\"true\"\u003e\u003cpicture\u003e\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-light.svg\"\u003e\u003cimg alt=\"Review in cubic\" src=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003c/picture\u003e\u003c/a\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n\n\n\u003c!-- Macroscope's pull request summary starts here --\u003e\n\u003c!-- Macroscope will only edit the content between these invisible markers, and the markers themselves will not be visible in the GitHub rendered markdown. --\u003e\n\u003c!-- If you delete either of the start / end markers from your PR's description, Macroscope will append its summary at the bottom of the description. --\u003e\n\u003e [!NOTE]\n\u003e ### Bump npm dependencies including electron, twilio, Angular, and related packages to latest major versions\n\u003e - Updates [package.json](https://github.com/EmilynnJ/twilio-video.js/pull/1/files#diff-7ae45ad102eab3b6d7e7896acd08c427a9b25b346470d7bc6507b6481575d519) with major version bumps: `electron` ^17→^39, `inquirer` ^7→^14, `simple-git` ^1→^3, `twilio` ^3→^6, `vinyl-fs` ^2→^4\n\u003e - Updates the Angular test fixture in [test/framework/twilio-video-angular/package.json](https://github.com/EmilynnJ/twilio-video.js/pull/1/files#diff-67a77c7d13d11f9b3515fa6981c7a0b6c468c9096ef79d8ed89fa82702dd7c38) from Angular 4.0.x to 21.2.x\n\u003e - Risk: multiple major version bumps across core and test dependencies may introduce breaking API changes requiring code updates\n\u003e\n\u003e \u003c!-- Macroscope's review summary starts here --\u003e\n\u003e\n\u003e \u003csup\u003e\u003ca href=\"https://app.macroscope.com\"\u003eMacroscope\u003c/a\u003e summarized 0665657.\u003c/sup\u003e\n\u003e \u003c!-- Macroscope's review summary ends here --\u003e\n\u003e\n\u003c!-- macroscope-ui-refresh --\u003e\n\u003c!-- Macroscope's pull request summary ends here --\u003e","html_url":"https://github.com/EmilynnJ/twilio-video.js/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/EmilynnJ%2Ftwilio-video.js/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4553670012","node_id":"PR_kwDOQng5Q87g6KkP","number":3,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 13 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-30T07:14:28.000Z","updated_at":"2026-05-30T07:14:55.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":13,"packages":[{"name":"@protobufjs/utf8","old_version":"1.1.0","new_version":"1.1.1","repository_url":"https://github.com/dcodeIO/protobuf.js"},{"name":"base-x","old_version":"3.0.10","new_version":"3.0.11","repository_url":"https://github.com/cryptocoinjs/base-x"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"express","old_version":"4.19.2","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"fast-uri","old_version":"3.0.1","new_version":"3.1.2","repository_url":"https://github.com/fastify/fast-uri"},{"name":"follow-redirects","old_version":"1.15.6","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"min-document","old_version":"2.19.0","new_version":"2.19.2","repository_url":"https://github.com/Raynos/min-document"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.6","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 11 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@protobufjs/utf8](https://github.com/dcodeIO/protobuf.js) | `1.1.0` | `1.1.1` |\n| [base-x](https://github.com/cryptocoinjs/base-x) | `3.0.10` | `3.0.11` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [express](https://github.com/expressjs/express) | `4.19.2` | `4.22.2` |\n| [fast-uri](https://github.com/fastify/fast-uri) | `3.0.1` | `3.1.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.6` | `1.16.0` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [min-document](https://github.com/Raynos/min-document) | `2.19.0` | `2.19.2` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.6` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n\n\nUpdates `@protobufjs/utf8` from 1.1.0 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dcodeIO/protobuf.js/releases\"\u003e@​protobufjs/utf8's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs-cli: v1.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-cli-v1.1.0...protobufjs-cli-v1.1.1\"\u003e1.1.1\u003c/a\u003e (2023-02-02)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecli:\u003c/strong\u003e fix relative path to Google pb files (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/1859\"\u003e#1859\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e42eea4868b11f4a07934804a56683321ed191e2\"\u003ee42eea4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/dcodeIO/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/dcodeIO/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/dcodeIO/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/dcodeIO/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/dcodeIO/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003e\u003ccode\u003ecc7d595\u003c/code\u003e\u003c/a\u003e fix: Restore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/dcodeIO/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/3abc9b54d67a7102785c6dfd8bf6610f545d445b\"\u003e\u003ccode\u003e3abc9b5\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/dcodeIO/protobuf.js/issues/2190\"\u003e#2190\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/a0bf2dfdd8a75aa62ce5a1ff47a52b9b8f1ea793\"\u003e\u003ccode\u003ea0bf2df\u003c/code\u003e\u003c/a\u003e fix: Update CLI peer dependency (7.x) (\u003ca href=\"https://redirect.github.com/dcodeIO/protobuf.js/issues/2189\"\u003e#2189\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/2189e5beeca6a70e4c104dfdb9fb8200bc5f81fe\"\u003e\u003ccode\u003e2189e5b\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/dcodeIO/protobuf.js/issues/2174\"\u003e#2174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e\u003ccode\u003e75392ea\u003c/code\u003e\u003c/a\u003e fix: Backport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/dcodeIO/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dcodeIO/protobuf.js/compare/protobufjs-cli-v1.1.0...fetch-v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `base-x` from 3.0.10 to 3.0.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/043a888a9bae09bc4b40500e37792e2c6398e9f2\"\u003e\u003ccode\u003e043a888\u003c/code\u003e\u003c/a\u003e 3.0.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/2705dddd2565b455641985974b534291d8defb31\"\u003e\u003ccode\u003e2705ddd\u003c/code\u003e\u003c/a\u003e [backport 3.x] Prohibit char codes that would overflow the \u003ccode\u003eBASE_MAP\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cryptocoinjs/base-x/compare/v3.0.10...v3.0.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.19.2 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.19.2...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-uri` from 3.0.1 to 3.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fast-uri/releases\"\u003efast-uri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.2\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc\"\u003ehttps://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHandle malformed fragment decoding as a parse error by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/171\"\u003efastify/fast-uri#171\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2\"\u003ehttps://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6\"\u003ehttps://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump tsd from 0.32.0 to 0.33.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/148\"\u003efastify/fast-uri#148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/149\"\u003efastify/fast-uri#149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(.npmrc): ignore scripts by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/150\"\u003efastify/fast-uri#150\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): remove \u003ccode\u003e@​fastify/pre-commit\u003c/code\u003e by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/151\"\u003efastify/fast-uri#151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/152\"\u003efastify/fast-uri#152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): add concurrency config by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/153\"\u003efastify/fast-uri#153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/154\"\u003efastify/fast-uri#154\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/156\"\u003efastify/fast-uri#156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/159\"\u003efastify/fast-uri#159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estyle: remove trailing whitespace by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/161\"\u003efastify/fast-uri#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: remove unused github files by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/162\"\u003efastify/fast-uri#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update readme by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/164\"\u003efastify/fast-uri#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-manager.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/165\"\u003efastify/fast-uri#165\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/166\"\u003efastify/fast-uri#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/167\"\u003efastify/fast-uri#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/169\"\u003efastify/fast-uri#169\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/162\"\u003efastify/fast-uri#162\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.1\"\u003ehttps://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: remove master branch support by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/126\"\u003efastify/fast-uri#126\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(test) remove .gitkeep by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/128\"\u003efastify/fast-uri#128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): set job permissions by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/129\"\u003efastify/fast-uri#129\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: set permissions at workflow level by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/131\"\u003efastify/fast-uri#131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: set workflow permissions to read-only by default by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/132\"\u003efastify/fast-uri#132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): restore job level permissions by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/133\"\u003efastify/fast-uri#133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump tsd from 0.31.2 to 0.32.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/134\"\u003efastify/fast-uri#134\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): pin actions to commit-hash by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/135\"\u003efastify/fast-uri#135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node 24 to test matrix by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/136\"\u003efastify/fast-uri#136\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/919dd8ea7689fcc220d0d9b71307f5095e723ef9\"\u003e\u003ccode\u003e919dd8e\u003c/code\u003e\u003c/a\u003e Bumped v3.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/c65ba573714af6b8e19e481d9444c27bc4355d07\"\u003e\u003ccode\u003ec65ba57\u003c/code\u003e\u003c/a\u003e fixup: linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/6c86c17c3d76fb93aa3700ec6c0fa00faeb97293\"\u003e\u003ccode\u003e6c86c17\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/a95158ad308df4d92bbde4eba699ce5165e9f796\"\u003e\u003ccode\u003ea95158a\u003c/code\u003e\u003c/a\u003e Handle malformed fragment decoding without throwing (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/171\"\u003e#171\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/cea547c91c6aae610041b17b75792ca4aa035a6d\"\u003e\u003ccode\u003ecea547c\u003c/code\u003e\u003c/a\u003e Bumped v3.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/876ce79b662c3e5015e4e7dffe6f37752ad34f35\"\u003e\u003ccode\u003e876ce79\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/dcdf690b71a7bb3a19887ada65a9ab160d83bcc0\"\u003e\u003ccode\u003edcdf690\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/169\"\u003e#169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/c860e6589b1ac346f66e114b4eadb9613768108c\"\u003e\u003ccode\u003ec860e65\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/167\"\u003e#167\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/9b4c6dc82fde0ca44e674403ece9185d85bb6d5f\"\u003e\u003ccode\u003e9b4c6dc\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/166\"\u003e#166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/85d09a9f7aa76b32c2bb005a90a71e144c361d24\"\u003e\u003ccode\u003e85d09a9\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-mana...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.0.1...v3.1.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.15.6 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.15.6...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `min-document` from 2.19.0 to 2.19.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/0d14150640e4dd159e092eb551b3aca8f3378991\"\u003e\u003ccode\u003e0d14150\u003c/code\u003e\u003c/a\u003e 2.19.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/49c2e0607bece7a041b8935bfb044ce6b65777d8\"\u003e\u003ccode\u003e49c2e06\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Raynos/min-document/issues/56\"\u003e#56\u003c/a\u003e from wasabina67/fix/prototype-pollution-removeAttribut...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/966646172d9063f880aeaf79882edfc3a0ceaca4\"\u003e\u003ccode\u003e9666461\u003c/code\u003e\u003c/a\u003e Fix prototype pollution vulnerability in removeAttributeNS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/4490b40cbb19feb26b09f217690a0969d1a89d51\"\u003e\u003ccode\u003e4490b40\u003c/code\u003e\u003c/a\u003e 2.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/2cd587153733d3346365df6033067f64f07690f5\"\u003e\u003ccode\u003e2cd5871\u003c/code\u003e\u003c/a\u003e update ignore\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/fe32e8da464cef622528725f647029a8fd7d95a6\"\u003e\u003ccode\u003efe32e8d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Raynos/min-document/issues/55\"\u003e#55\u003c/a\u003e from jameswassink/fix/prototype-pollution-removeAttrib...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/6c5f31aa57e2122fcedd4c7eae58b82f477e09f5\"\u003e\u003ccode\u003e6c5f31a\u003c/code\u003e\u003c/a\u003e Better prototype pollution fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/0d4e8192ef723fb869645256102a56ed922efd68\"\u003e\u003ccode\u003e0d4e819\u003c/code\u003e\u003c/a\u003e Fix prototype pollution in removeAttributeNS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/bf7b69130a364b5c6fcb8e623bffe43054994c65\"\u003e\u003ccode\u003ebf7b691\u003c/code\u003e\u003c/a\u003e Update package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/1b5402dcd5df3bf2575e71d463baa44dc2c05571\"\u003e\u003ccode\u003e1b5402d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Raynos/min-document/issues/49\"\u003e#49\u003c/a\u003e from PixnBits/patch-1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Raynos/min-document/compare/v2.19.0...v2.19.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pbkdf2` from 3.1.2 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md\"\u003epbkdf2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.5...v3.1.6\"\u003ev3.1.6\u003c/a\u003e - 2026-05-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[New] add TypeScript type declarations \u003ca href=\"https://github.com/browserify/pbkdf2/commit/fb1f74746f8f1ab171d7d43ede48eeca9e694ce3\"\u003e\u003ccode\u003efb1f747\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] coerce \u003ccode\u003e-0\u003c/code\u003e keylen to \u003ccode\u003e+0\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7c4a4959142269cbfae8b1448e3a5848b84ac2f4\"\u003e\u003ccode\u003e7c4a495\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3cce1691f5021a70673ecb8833f729c1840cd38\"\u003e\u003ccode\u003ee3cce16\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix an error \u003ca href=\"https://github.com/browserify/pbkdf2/commit/f6b0e424257980e3331da18bd7d1ed3232d17afd\"\u003e\u003ccode\u003ef6b0e42\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix \u003ccode\u003enpm run postlint\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/b729629ca1ced08e42ecd5419a7971f20307ebb5\"\u003e\u003ccode\u003eb729629\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/5e0cf517d1124dd42df315b0cc5cc6219426350b\"\u003e\u003ccode\u003e5e0cf51\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/1c3b1f526b052a29b3b42120c9821895772df7e8\"\u003e\u003ccode\u003e1c3b1f5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge \u003ca href=\"https://github.com/browserify/pbkdf2/commit/528bd3861dda05e2d7e1ef7cbb724baca43766e3\"\u003e\u003ccode\u003e528bd38\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.4...v3.1.5\"\u003ev3.1.5\u003c/a\u003e - 2025-09-23\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] only allow finite iterations \u003ca href=\"https://github.com/browserify/pbkdf2/commit/67bd94dbbf21b93f5e282ee910728945c8ef2827\"\u003e\u003ccode\u003e67bd94d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] restore node 0.10 support \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8f59d962f71dcb2cc14067d7f514ff96e3406f81\"\u003e\u003ccode\u003e8f59d96\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] check parameters before the \u0026quot;no Promise\u0026quot; bailout \u003ca href=\"https://github.com/browserify/pbkdf2/commit/d2dc5f052cacadf3d4a09d87164158da875ca740\"\u003e\u003ccode\u003ed2dc5f0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.3...v3.1.4\"\u003ev3.1.4\u003c/a\u003e - 2025-09-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ecreate-hash\u003c/code\u003e, \u003ccode\u003eripemd160\u003c/code\u003e, \u003ccode\u003esha.js\u003c/code\u003e, \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8dbf49b38235066c565a92eaf3722720a1333a2d\"\u003e\u003ccode\u003e8dbf49b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] update repo URLs \u003ca href=\"https://github.com/browserify/pbkdf2/commit/d15bc351de0edbed394d2a6189176960aaa0d050\"\u003e\u003ccode\u003ed15bc35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/aaf870b1d1855e6a381af05021f304294a79f7c9\"\u003e\u003ccode\u003eaaf870b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.2...v3.1.3\"\u003ev3.1.3\u003c/a\u003e - 2025-06-20\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8b067308eedcc3b7da3e06202d437ff532de75bd\"\u003e\u003ccode\u003e8b06730\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix whitespace \u003ca href=\"https://github.com/browserify/pbkdf2/commit/9a76e2f37ef4541aeff92d97b7335b7fa6e989a8\"\u003e\u003ccode\u003e9a76e2f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix parens/curlies/semis/etc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/6fd84bf64a423d207d9e665f3e9fd88b148c4480\"\u003e\u003ccode\u003e6fd84bf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/796c38d428ed9546e7ddfbb38322faa99921d716\"\u003e\u003ccode\u003e796c38d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node 17 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/3661fb0156177bfe380c7bcc133917e7ee501bc7\"\u003e\u003ccode\u003e3661fb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;[Tests] fix tests in node \u0026lt; 3\u0026quot; \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7431b5766805cbf880c1b3d0f38d484357844ff7\"\u003e\u003ccode\u003e7431b57\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node \u0026lt; 3 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/eb9f97a66ed83836bebc4ff563a1588248708501\"\u003e\u003ccode\u003eeb9f97a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] ensure unknown algorithms throw + known ones match node \u003ca href=\"https://github.com/browserify/pbkdf2/commit/26d4fd391e00ed806840ea1ef7341937985f4ba8\"\u003e\u003ccode\u003e26d4fd3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add GHA, always run nyc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/513906a735e80a0e125e1a3363c5dbe90bb34bb7\"\u003e\u003ccode\u003e513906a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix a few more rules \u003ca href=\"https://github.com/browserify/pbkdf2/commit/ab04da834a0342cb3779486314fa67ebc1e3f035\"\u003e\u003ccode\u003eab04da8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] switch to eslint \u003ca href=\"https://github.com/browserify/pbkdf2/commit/89694cf7e4062a8c924fbe74ad2b2d3cf78f1715\"\u003e\u003ccode\u003e89694cf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add coverage \u003ca href=\"https://github.com/browserify/pbkdf2/commit/d0d534bfdc4db6d6ea9f719606ad18a78db6c124\"\u003e\u003ccode\u003ed0d534b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb\"\u003e\u003ccode\u003ee3102a8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] improve badges \u003ca href=\"https://github.com/browserify/pbkdf2/commit/fca0c9d4c5b053d911315a3607367d1db9f9f605\"\u003e\u003ccode\u003efca0c9d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] remove unused travis file \u003ca href=\"https://github.com/browserify/pbkdf2/commit/a2c7d93bbcad73c49dad0c18fef6b8a4af8c3310\"\u003e\u003ccode\u003ea2c7d93\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] switch from \u003ccode\u003efiles\u003c/code\u003e to \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7f31fbca528fa5af3b7d3910daf09a7e5ed8adb4\"\u003e\u003ccode\u003e7f31fbc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] use .nycrc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8d628e8d5559b4acd4d4a714afb04a2990f901b7\"\u003e\u003ccode\u003e8d628e8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/ea4768bd09be327904b4ac075d9328c7c7ee2404\"\u003e\u003ccode\u003eea4768b\u003c/code\u003e\u003c/a\u003e v3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/b729629ca1ced08e42ecd5419a7971f20307ebb5\"\u003e\u003ccode\u003eb729629\u003c/code\u003e\u003c/a\u003e [Tests] fix \u003ccode\u003enpm run postlint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/7c4a4959142269cbfae8b1448e3a5848b84ac2f4\"\u003e\u003ccode\u003e7c4a495\u003c/code\u003e\u003c/a\u003e [Fix] coerce \u003ccode\u003e-0\u003c/code\u003e keylen to \u003ccode\u003e+0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/5e0cf517d1124dd42df315b0cc5cc6219426350b\"\u003e\u003ccode\u003e5e0cf51\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/1c3b1f526b052a29b3b42120c9821895772df7e8\"\u003e\u003ccode\u003e1c3b1f5\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3cce1691f5021a70673ecb8833f729c1840cd38\"\u003e\u003ccode\u003ee3cce16\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/f6b0e424257980e3331da18bd7d1ed3232d17afd\"\u003e\u003ccode\u003ef6b0e42\u003c/code\u003e\u003c/a\u003e [eslint] fix an error\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/fb1f74746f8f1ab171d7d43ede48eeca9e694ce3\"\u003e\u003ccode\u003efb1f747\u003c/code\u003e\u003c/a\u003e [New] add TypeScript type declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/528bd3861dda05e2d7e1ef7cbb724baca43766e3\"\u003e\u003ccode\u003e528bd38\u003c/code\u003e\u003c/a\u003e [readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/36879052911703147a6dfa5e97422126bf3cda5b\"\u003e\u003ccode\u003e3687905\u003c/code\u003e\u003c/a\u003e v3.1.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.2...v3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for pbkdf2 since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `send` from 0.18.0 to 0.19.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/releases\"\u003esend's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.19.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/279\"\u003epillarjs/send#279\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 0.19.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/280\"\u003epillarjs/send#280\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.19.1...0.19.2\"\u003ehttps://github.com/pillarjs/send/compare/0.19.1...0.19.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.19.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(deps): encodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/240\"\u003epillarjs/send#240\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.19.0...0.19.1\"\u003ehttps://github.com/pillarjs/send/compare/0.19.0...0.19.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/pillarjs/send/pull/235\"\u003epillarjs/send#235\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/235\"\u003epillarjs/send#235\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.18.0...0.19.0\"\u003ehttps://github.com/pillarjs/send/compare/0.18.0...0.19.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/blob/master/HISTORY.md\"\u003esend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.19.2 / 2025-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@~2.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.19.1 / 2024-10-09\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.19.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/34ba03b7579d31c8bb6d5a3ead573da1a7a118e7\"\u003e\u003ccode\u003e34ba03b\u003c/code\u003e\u003c/a\u003e 0.19.2 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/280\"\u003e#280\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/e53e4e51b98e62955c9e302e77585a85f45a9c8b\"\u003e\u003ccode\u003ee53e4e5\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/279\"\u003e#279\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/19efaa39b98ff3ea26a90a484b9fd11efe0b37cd\"\u003e\u003ccode\u003e19efaa3\u003c/code\u003e\u003c/a\u003e 0.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/0a9fa80d8b49643066a6f7b5b4cb891b8e44cc05\"\u003e\u003ccode\u003e0a9fa80\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/240\"\u003e#240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/9d2db99518b366d20783fe1c08a1b9bd418929ce\"\u003e\u003ccode\u003e9d2db99\u003c/code\u003e\u003c/a\u003e 0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35\"\u003e\u003ccode\u003eae4f298\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/pillarjs/send/compare/0.18.0...0.19.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for send since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 1.15.0 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sha.js` from 2.4.11 to 2.4.12\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/sha.js/blob/master/CHANGELOG.md\"\u003esha.js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/sha.js/compare/v2.4.11...v2.4.12\"\u003ev2.4.12\u003c/a\u003e - 2025-07-01\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] switch to eslint \u003ca href=\"https://github.com/browserify/sha.js/commit/7acadfbd3abb558880212b20669fcb09e1aa1c58\"\u003e\u003ccode\u003e7acadfb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/b46e7116ebeaa82f34bbf2d7494fff7ef46eab3e\"\u003e\u003ccode\u003eb46e711\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix package.json indentation \u003ca href=\"https://github.com/browserify/sha.js/commit/df9d521e16ddf55dc877c43c05706d43c057fad4\"\u003e\u003ccode\u003edf9d521\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/sha.js/commit/c43c64adc6d3607d470538df72338fc02e63bc24\"\u003e\u003ccode\u003ec43c64a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] support multi-byte wide typed arrays \u003ca href=\"https://github.com/browserify/sha.js/commit/f2a258e9f2d0fcd113bfbaa49706e1ac0d979ba5\"\u003e\u003ccode\u003ef2a258e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] reorder package.json \u003ca href=\"https://github.com/browserify/sha.js/commit/d8d77c0a729c99593e304047f9d4335b498fd9ed\"\u003e\u003ccode\u003ed8d77c0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/35aec35c667b606b2495be3e4186bbe977b9e087\"\u003e\u003ccode\u003e35aec35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] avoid console logs \u003ca href=\"https://github.com/browserify/sha.js/commit/73e33ae0ca6bca232627cac7473028e1d218f67e\"\u003e\u003ccode\u003e73e33ae\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests run in batch \u003ca href=\"https://github.com/browserify/sha.js/commit/262913006e94616c8cd24...\n\n_Description has been truncated_","html_url":"https://github.com/Dct555/1inch-token/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Dct555%2F1inch-token/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"},{"uuid":"4535521614","node_id":"PR_kwDOO4ZYrM7f-4dY","number":611,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 23 directories with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-03T20:32:51.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-27T20:31:40.000Z","updated_at":"2026-06-03T20:32:54.000Z","time_to_close":604871,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":19,"packages":[{"name":"uuid","old_version":"8.3.2","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"bn.js","old_version":"5.2.2","new_version":"5.2.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"@babel/runtime","old_version":"7.25.4","new_version":"7.26.10","repository_url":"https://github.com/babel/babel"},{"name":"tar","old_version":"7.4.3","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"@tootallnate/once","old_version":"2.0.0","new_version":"2.0.1","repository_url":"https://github.com/TooTallNate/once"},{"name":"axios","old_version":"1.7.5","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"base-x","old_version":"3.0.10","new_version":"3.0.11","repository_url":"https://github.com/cryptocoinjs/base-x"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"fast-xml-builder","old_version":"1.1.4","new_version":"1.2.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-builder"},{"name":"fast-xml-parser","old_version":"5.5.9","new_version":"5.8.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"flatted","old_version":"3.3.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"4.0.0","new_version":"4.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"handlebars","old_version":"4.7.8","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"lodash-es","old_version":"4.17.23","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"postcss","old_version":"8.4.41","new_version":"8.5.15","repository_url":"https://github.com/postcss/postcss"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 18 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [uuid](https://github.com/uuidjs/uuid) | `8.3.2` | `14.0.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `5.2.2` | `5.2.3` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.25.4` | `7.26.10` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.11` |\n| [@tootallnate/once](https://github.com/TooTallNate/once) | `2.0.0` | `2.0.1` |\n| [axios](https://github.com/axios/axios) | `1.7.5` | `1.16.1` |\n| [base-x](https://github.com/cryptocoinjs/base-x) | `3.0.10` | `3.0.11` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [fast-xml-builder](https://github.com/NaturalIntelligence/fast-xml-builder) | `1.1.4` | `1.2.0` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.5.9` | `5.8.0` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.1` | `3.4.2` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.0` | `4.0.5` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.8` | `4.7.9` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [lodash-es](https://github.com/lodash/lodash) | `4.17.23` | `4.18.1` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [postcss](https://github.com/postcss/postcss) | `8.4.41` | `8.5.15` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/accounts-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/analytics-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/assets-controllers directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/bridge-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/bridge-status-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/core-backend directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/eip-5792-middleware directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/gas-fee-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/keyring-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/logging-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/message-manager directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/multichain-account-service directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/multichain-transactions-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/network-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/notification-services-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/perps-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/polling-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/remote-feature-flag-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/shield-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/signature-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/transaction-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/user-operation-controller directory: [uuid](https://github.com/uuidjs/uuid).\n\nUpdates `uuid` from 8.3.2 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v8.3.2...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 5.2.2 to 5.2.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/indutny/bn.js/blob/master/CHANGELOG.md\"\u003ebn.js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.3 / 2026-02-19\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ea6c072a951493ca99e5cd5f8da3851b90116271\"\u003e\u003ccode\u003eea6c072\u003c/code\u003e\u003c/a\u003e 5.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/33df26b5771e824f303a79ec6407409376baa64b\"\u003e\u003ccode\u003e33df26b\u003c/code\u003e\u003c/a\u003e fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v5.2.2...v5.2.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/runtime` from 7.25.4 to 7.26.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/runtime's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.26.10 (2025-03-11)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/jordan-choi\"\u003e\u003ccode\u003e@​jordan-choi\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/mmmsssttt404\"\u003e\u003ccode\u003e@​mmmsssttt404\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003cp\u003eThis release includes a fix for \u003ca href=\"https://github.com/babel/babel/security/advisories/GHSA-968p-4wvh-cqc8\"\u003ehttps://github.com/babel/babel/security/advisories/GHSA-968p-4wvh-cqc8\u003c/a\u003e, a security vulnerability which affects the \u003ccode\u003e.replace\u003c/code\u003e method of transpiled regular expressions that use named capturing groups.\u003c/p\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17159\"\u003e#17159\u003c/a\u003e Disallow decorator in array pattern (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e, \u003ccode\u003ebabel-template\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17164\"\u003e#17164\u003c/a\u003e Fix: always initialize ExportDeclaration attributes (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17142\"\u003e#17142\u003c/a\u003e fix: \u0026quot;Map maximum size exceeded\u0026quot; in deepClone (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-typescript\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17154\"\u003e#17154\u003c/a\u003e Update typescript parser tests (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17151\"\u003e#17151\u003c/a\u003e fix: Should not evaluate vars in child scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17153\"\u003e#17153\u003c/a\u003e fix: Correctly generate \u003ccode\u003eabstract override\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17107\"\u003e#17107\u003c/a\u003e Fix source type detection when parsing TypeScript (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-runtime\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs2\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17173\"\u003e#17173\u003c/a\u003e Fix processing of replacement pattern with named capture groups (\u003ca href=\"https://github.com/%5Bmmmsssttt404%5D(https://github.com/mmmsssttt404)\"\u003e\u003ccode\u003e@​mmmsssttt404\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17158\"\u003e#17158\u003c/a\u003e Avoid warnings when re-bundling \u003ccode\u003e@​babel/standalone\u003c/code\u003e with webpack (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17160\"\u003e#17160\u003c/a\u003e Left-value parsing cleanup (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBabel Bot (\u003ca href=\"https://github.com/babel-bot\"\u003e\u003ccode\u003e@​babel-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eYunyoung Jordan Choi (\u003ca href=\"https://github.com/jordan-choi\"\u003e\u003ccode\u003e@​jordan-choi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mmmsssttt404\"\u003e\u003ccode\u003e@​mmmsssttt404\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.26.9 (2025-02-14)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17103\"\u003e#17103\u003c/a\u003e fix: Definition for \u003ccode\u003eTSPropertySignature.kind\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17062\"\u003e#17062\u003c/a\u003e Print TypeScript optional/definite in ClassPrivateProperty (\u003ca href=\"https://github.com/jamiebuilds-signal\"\u003e\u003ccode\u003e@​jamiebuilds-signal\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/e1ce99df422971175249509e7bbc2b327b8f7957\"\u003e\u003ccode\u003ee1ce99d\u003c/code\u003e\u003c/a\u003e v7.26.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d5952e80c0faa5ec20e35085531b6e572d31dad4\"\u003e\u003ccode\u003ed5952e8\u003c/code\u003e\u003c/a\u003e Fix processing of replacement pattern with named capture groups (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17173\"\u003e#17173\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/64bca7b5f308cd52c192a5c821a57f6d1b0475f4\"\u003e\u003ccode\u003e64bca7b\u003c/code\u003e\u003c/a\u003e v7.26.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/2d9514066e3b135835ed93246ebbcdb7ca0263ca\"\u003e\u003ccode\u003e2d95140\u003c/code\u003e\u003c/a\u003e v7.26.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/63d30381c169780460e01bdb6669c5e01af1dfbe\"\u003e\u003ccode\u003e63d3038\u003c/code\u003e\u003c/a\u003e v7.26.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/b07957ebb316a1e2fc67454fc7423508bb942e63\"\u003e\u003ccode\u003eb07957e\u003c/code\u003e\u003c/a\u003e v7.25.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/af917594e4df3decdde2ce0b1614d607b27367a5\"\u003e\u003ccode\u003eaf91759\u003c/code\u003e\u003c/a\u003e fix: Accidentally publishing useless files (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/16917\"\u003e#16917\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/2533cfb0c1d90140f320f1e03d41e20407ca30bf\"\u003e\u003ccode\u003e2533cfb\u003c/code\u003e\u003c/a\u003e v7.25.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/69d65f1aef74de135a8b262bb9770a41e97b7476\"\u003e\u003ccode\u003e69d65f1\u003c/code\u003e\u003c/a\u003e [babel 8] Require Node.js \u003ccode\u003e^18.20.0 || ^20.17.0 || \u0026gt;=22.8.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/16800\"\u003e#16800\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/2f72b978f9acc68d065e7da10c8e270d6f96b7c4\"\u003e\u003ccode\u003e2f72b97\u003c/code\u003e\u003c/a\u003e v7.25.6\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/babel/babel/commits/v7.26.10/packages/babel-runtime\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.4.3 to 7.5.11\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md\"\u003etar's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e7.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003ezstd\u003c/code\u003e compression support.\u003c/li\u003e\n\u003cli\u003eConsistent TOCTOU behavior in sync t.list\u003c/li\u003e\n\u003cli\u003eOnly read from ustar block if not specified in Pax\u003c/li\u003e\n\u003cli\u003eFix sync tar.list when file size reduces while reading\u003c/li\u003e\n\u003cli\u003eSanitize absolute linkpaths properly\u003c/li\u003e\n\u003cli\u003ePrevent writing hardlink entries to the archive ahead of their\nfile target\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eonentry\u003c/code\u003e in favor of \u003ccode\u003eonReadEntry\u003c/code\u003e for clarity.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eonWriteEntry\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDRY the command definitions into a single \u003ccode\u003emakeCommand\u003c/code\u003e method,\nand update the type signatures to more appropriately infer the\nreturn type from the options and arguments provided.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate minipass to v7.1.0\u003c/li\u003e\n\u003cli\u003eUpdate the type definitions of \u003ccode\u003ewrite()\u003c/code\u003e and \u003ccode\u003eend()\u003c/code\u003e methods on\n\u003ccode\u003eUnpack\u003c/code\u003e and \u003ccode\u003eParser\u003c/code\u003e classes to be compatible with the\nNodeJS.WritableStream type in the latest versions of\n\u003ccode\u003e@types/node\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node \u0026lt;18\u003c/li\u003e\n\u003cli\u003eRewrite in TypeScript, provide ESM and CommonJS hybrid\ninterface\u003c/li\u003e\n\u003cli\u003eAdd tree-shake friendly exports, like \u003ccode\u003eimport('tar/create')\u003c/code\u003e\nand \u003ccode\u003eimport('tar/read-entry')\u003c/code\u003e to get individual functions or\nclasses.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003echmod\u003c/code\u003e option that defaults to false, and deprecate\n\u003ccode\u003enoChmod\u003c/code\u003e. That is, reverse the default option regarding\nexplicitly setting file system modes to match tar entry\nsettings.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eprocessUmask\u003c/code\u003e option to avoid having to call\n\u003ccode\u003eprocess.umask()\u003c/code\u003e when \u003ccode\u003echmod: true\u003c/code\u003e (or \u003ccode\u003enoChmod: false\u003c/code\u003e) is\nset.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2b72abc1d47c3570e1ad95c9ab557fc4c2e6e4b1\"\u003e\u003ccode\u003e2b72abc\u003c/code\u003e\u003c/a\u003e 7.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f\"\u003e\u003ccode\u003e7bc755d\u003c/code\u003e\u003c/a\u003e parse root off paths before sanitizing .. parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/c8cb84629dee649feedde03f2f4ea48f2e44e778\"\u003e\u003ccode\u003ec8cb846\u003c/code\u003e\u003c/a\u003e update deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/1f0c2c9006b10199cf2686f8ef43e79a1773e1aa\"\u003e\u003ccode\u003e1f0c2c9\u003c/code\u003e\u003c/a\u003e 7.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/fbb08518bf290733b68ca4d4135f75becf73fd75\"\u003e\u003ccode\u003efbb0851\u003c/code\u003e\u003c/a\u003e build minified version as default export\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/6b8eba0ef367ac937e703238daa6df94ae6f823f\"\u003e\u003ccode\u003e6b8eba0\u003c/code\u003e\u003c/a\u003e 7.5.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2cb1120bcefe28d7ecc719b41441ade59c52e384\"\u003e\u003ccode\u003e2cb1120\u003c/code\u003e\u003c/a\u003e fix(unpack): improve UnpackSync symlink error \u0026quot;into\u0026quot; path accuracy\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.4.3...v7.5.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tootallnate/once` from 2.0.0 to 2.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TooTallNate/once/releases\"\u003e@​tootallnate/once's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea1e5e2d: Fix promise hang when AbortSignal is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TooTallNate/once/blob/v2.0.1/CHANGELOG.md\"\u003e@​tootallnate/once's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea1e5e2d: Fix promise hang when AbortSignal is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/bcbb21d387e5fb2d0bf8ec2fd8d0ac97d4553241\"\u003e\u003ccode\u003ebcbb21d\u003c/code\u003e\u003c/a\u003e ci: fix OIDC publishing — Node 24, npm latest, provenance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/dc24387be8e3405f1e7c911caf76c87b72a0e145\"\u003e\u003ccode\u003edc24387\u003c/code\u003e\u003c/a\u003e Version Packages (2.x) (\u003ca href=\"https://redirect.github.com/TooTallNate/once/issues/12\"\u003e#12\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/b8a6f80afcfd2482b4bdb1e29d784340a05e0ce3\"\u003e\u003ccode\u003eb8a6f80\u003c/code\u003e\u003c/a\u003e CI: test all Node versions on Linux only\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/dabcc0fb6202663cd83994f0a21ea1c710395327\"\u003e\u003ccode\u003edabcc0f\u003c/code\u003e\u003c/a\u003e ci: drop EOL Node.js 14.x/16.x, add 22.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/b464efcf4238d92590245b4d211d2fc05a94d28a\"\u003e\u003ccode\u003eb464efc\u003c/code\u003e\u003c/a\u003e Update CI: modern Node versions, fix macOS ARM64 compat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/a1e5e2d784bcd1c65e49fac1524c6c94fe81f871\"\u003e\u003ccode\u003ea1e5e2d\u003c/code\u003e\u003c/a\u003e Fix promise hang when AbortSignal is aborted\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/TooTallNate/once/compare/2.0.0...v2.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​tootallnate/once\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.7.5 to 1.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1337d6b537afb2d3f501074c8ac4ef4308221197\"\u003e\u003ccode\u003e1337d6b\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10877\"\u003e#10877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/858a790cec06054547d0d3f941916d6fb2a4d18e\"\u003e\u003ccode\u003e858a790\u003c/code\u003e\u003c/a\u003e fix: remove all caches (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/34adfd90efc9c145488399e1cf7fa96de67080fa\"\u003e\u003ccode\u003e34adfd9\u003c/code\u003e\u003c/a\u003e revert: \u0026quot;fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/847d89b43654405d9a231e0b669832c2092b621f\"\u003e\u003ccode\u003e847d89b\u003c/code\u003e\u003c/a\u003e fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/40948863677bb793bfff0293cce7e7b4f8a1b212\"\u003e\u003ccode\u003e4094886\u003c/code\u003e\u003c/a\u003e fix(progress): guard malformed XHR upload events (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44f0c5bf73c45df6009365141faa394d73596bd7\"\u003e\u003ccode\u003e44f0c5b\u003c/code\u003e\u003c/a\u003e chore: change sponsorship link and add Twicsy advertisement (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/64e1095efedc64c9fecf5176bd9cf2e5e93140d6\"\u003e\u003ccode\u003e64e1095\u003c/code\u003e\u003c/a\u003e chore: update PR and issue template to use h2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10865\"\u003e#10865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3e6b4e1f311b43aa1dc77d78150a601d9fe4b280\"\u003e\u003ccode\u003e3e6b4e1\u003c/code\u003e\u003c/a\u003e fix: error unexpected token in fetch JS compatibility issue with Webpack 4 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c4453bab70f53575175903aee60810c821f72129\"\u003e\u003ccode\u003ec4453ba\u003c/code\u003e\u003c/a\u003e fix: add the ability to add additional sponsors to the process sponsors scrip...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/caa00a90b524bb67ed033474abcf4d8645ced793\"\u003e\u003ccode\u003ecaa00a9\u003c/code\u003e\u003c/a\u003e fix: https data in cleartext to proxy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.7.5...v1.16.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `base-x` from 3.0.10 to 3.0.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/043a888a9bae09bc4b40500e37792e2c6398e9f2\"\u003e\u003ccode\u003e043a888\u003c/code\u003e\u003c/a\u003e 3.0.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/2705dddd2565b455641985974b534291d8defb31\"\u003e\u003ccode\u003e2705ddd\u003c/code\u003e\u003c/a\u003e [backport 3.x] Prohibit char codes that would overflow the \u003ccode\u003eBASE_MAP\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cryptocoinjs/base-x/compare/v3.0.10...v3.0.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-builder` from 1.1.4 to 1.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/blob/main/CHANGELOG.md\"\u003efast-xml-builder's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003cstrong\u003e1.2.0\u003c/strong\u003e (2026-05-08)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003esanitizeName\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eSupport xml-naming for validating and sanitizing tag and attribute names\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.9\u003c/strong\u003e (2026-05-06)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: format output for preserve order when indent by is set to empty string\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.8\u003c/strong\u003e (2026-05-05)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: skip text property for PI tags\u003c/li\u003e\n\u003cli\u003eimprove typings\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.7\u003c/strong\u003e (2026--05-04)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix security issues when attribute value contains quotes\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.6\u003c/strong\u003e (2026--05-04)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix security issues related to comment\u003c/li\u003e\n\u003cli\u003eskip comment with null value\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.5\u003c/strong\u003e (2026-04-17)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix security issues related to comment and cdata\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.4\u003c/strong\u003e (2026-03-16)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esupport maxNestedTags option\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.3\u003c/strong\u003e (2026-03-13)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003edeclare Matcher \u0026amp; Expression as unknown so user is not forced to install path-expression-matcher\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.2\u003c/strong\u003e (2026-03-11)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix typings\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.1\u003c/strong\u003e (2026-03-11)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade path-expression-matcher to 1.1.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.0\u003c/strong\u003e (2026-03-10)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntegrate \u003ca href=\"https://github.com/NaturalIntelligence/path-expression-matcher\"\u003epath-expression-matcher\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/a9a905b316176ef9a97bdf5450e60efbf0341f25\"\u003e\u003ccode\u003ea9a905b\u003c/code\u003e\u003c/a\u003e for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/42680e8d730c48082268823fd285e10127ddba21\"\u003e\u003ccode\u003e42680e8\u003c/code\u003e\u003c/a\u003e support name sanitization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/8b00185bf6be67981ffc40e06c18acbbbe908779\"\u003e\u003ccode\u003e8b00185\u003c/code\u003e\u003c/a\u003e release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/8a08f173d7b9c9a82599fe7de279ca7e12c3ad6b\"\u003e\u003ccode\u003e8a08f17\u003c/code\u003e\u003c/a\u003e allow indentation to be empty string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/7fc5decb9613afbd5d03747b1a0f11e0916e34ef\"\u003e\u003ccode\u003e7fc5dec\u003c/code\u003e\u003c/a\u003e update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/c241b6a8ed1863e5f518490ec1fcc38b13f2c370\"\u003e\u003ccode\u003ec241b6a\u003c/code\u003e\u003c/a\u003e improve documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/15d5668b53777400c8d80b6e21029c1a70888c78\"\u003e\u003ccode\u003e15d5668\u003c/code\u003e\u003c/a\u003e update for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/98774853a696a1aee4dca830dd3eee2759676bd2\"\u003e\u003ccode\u003e9877485\u003c/code\u003e\u003c/a\u003e fix: skip text property for PI tags\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/311a2213a817cf31558bea7c0e0807b0d4441814\"\u003e\u003ccode\u003e311a221\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-builder/issues/5\"\u003e#5\u003c/a\u003e typing import issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/e8fc5b15d9d54b559781961f066de82a55aabcdd\"\u003e\u003ccode\u003ee8fc5b1\u003c/code\u003e\u003c/a\u003e update for releast\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/compare/v1.1.4...v1.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 5.5.9 to 5.8.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eupdate strnum, FXB. Use xml-naming for DOCTYPE\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eintegrate xml-naming to validate DOCTYPE entity name and notation name (using qname because of backward compatibility)\n\u003cul\u003e\n\u003cli\u003eThis will consider xml-version as well. '1.0' is default\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eupdate strnum to 2.3.0\n\u003cul\u003e\n\u003cli\u003eYou can set octal and binary parsing which is by deault off\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eupdate fast-xml-builder to 1.2.0\n\u003cul\u003e\n\u003cli\u003ecan sanitize tag names if found invalid\u003c/li\u003e\n\u003cli\u003efix format output\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003efix minor old bugs and update builder\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: alwaysCreateTextNode should create text node when attributes are present for self closing node\u003c/li\u003e\n\u003cli\u003efix stop node expression when ns prefix is removed (found by \u003ca href=\"https://github.com/iruizsalinas\"\u003eiruizsalinas\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate XML Builder to 1.1.7\u003c/li\u003e\n\u003cli\u003emark addEntity deprecated\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ebackward compatibility for numerical external entity, fix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/705\"\u003e#705\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/817\"\u003e#817\u003c/a\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eallow numerical external entity for backward compatibility\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/705\"\u003e#705\u003c/a\u003e: attributesGroupName working with preserveOrder\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/817\"\u003e#817\u003c/a\u003e: stackoverflow when tag expression is very long\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eupgrade \u003ccode\u003e@​nodable/entities\u003c/code\u003e and FXB\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse \u003ccode\u003e@nodable/entities\u003c/code\u003e v2.1.0\n\u003cul\u003e\n\u003cli\u003ebreaking changes\n\u003cul\u003e\n\u003cli\u003esingle entity scan. You're not allowed to use entity value to form another entity name.\u003c/li\u003e\n\u003cli\u003eyou cant add numeric external entity\u003c/li\u003e\n\u003cli\u003eentity error message when expantion limit is crossed might change\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003etypings are updated for new options related to process entity\u003c/li\u003e\n\u003cli\u003eplease follow documentation of \u003ccode\u003e@nodable/entities\u003c/code\u003e for more detail.\u003c/li\u003e\n\u003cli\u003eperformance\n\u003cul\u003e\n\u003cli\u003eif processEntities is false, then there should not be impact on performance.\u003c/li\u003e\n\u003cli\u003eif processEntities is true, but you dont pass entity decoder separately then performance may degrade by approx 8-10%\u003c/li\u003e\n\u003cli\u003eif processEntities is true, and you pass entity decoder separately\n\u003cul\u003e\n\u003cli\u003eif no entity then performance should be same as before\u003c/li\u003e\n\u003cli\u003eif there are entities then performance should be increased from past versions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eignoreAttributes is not required to be set to set xml version for NCR entity value\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eupdate 'fast-xml-builder' to sanitize malicious CDATA and comment's content\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003euse \u003ccode\u003e@​nodable/entities\u003c/code\u003e to replace entities\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo API change\u003c/li\u003e\n\u003cli\u003eNo change in performance for basic usage\u003c/li\u003e\n\u003cli\u003eNo typing change\u003c/li\u003e\n\u003cli\u003eNo config change\u003c/li\u003e\n\u003cli\u003enew dependency\u003c/li\u003e\n\u003cli\u003ebreaking: error messages for entities might have been changed.\u003c/li\u003e\n\u003cli\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.12...v5.6.0\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.12...v5.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eperformance improvment, increase entity expansion default limit\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eincrease default entity explansion limit as many projects demand for that\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003efast-xml-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003eNote: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003cp\u003eNote: Due to some last quick changes on v4, detail of v4.5.3 \u0026amp; v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion\u003c/p\u003e\n\u003cp\u003e*\u003cem\u003e5.8.0 / 2026-05-12\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eintegrate xml-naming to validate DOCTYPE entity name and notation name (using qname becaue of backward compatibility)\n\u003cul\u003e\n\u003cli\u003eThis will consider xml-version as well. '1.0' is default\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eupdate strnum to 2.3.0\n\u003cul\u003e\n\u003cli\u003eYou can set octal and binary parsing which is bydeault off\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eupdate fast-xml-builder to 1.2.0\n\u003cul\u003e\n\u003cli\u003ecan sanitize tag names if found invalid\u003c/li\u003e\n\u003cli\u003efix format output\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.3 / 2006-05-05\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: alwaysCreateTextNode should create text node when attributes are present for self closing node\u003c/li\u003e\n\u003cli\u003efix stop node expression when ns prefix is removed (found by \u003ca href=\"https://github.com/iruizsalinas\"\u003eiruizsalinas\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate XML Builder to 1.1.7\u003c/li\u003e\n\u003cli\u003emark addEntity deprecated\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.2 / 2026-04-25\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eallow numerical external entity for backward compatibility\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/705\"\u003e#705\u003c/a\u003e: attributesGroupName working with preserveOrder\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/817\"\u003e#817\u003c/a\u003e: stackoverflow when tag expression is very long\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.1 / 2026-04-20\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix typo in CJS typing file\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.0 / 2026-04-17\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse \u003ccode\u003e@nodable/entities\u003c/code\u003e v2.1.0\n\u003cul\u003e\n\u003cli\u003ebreaking changes\n\u003cul\u003e\n\u003cli\u003esingle entity scan. You're not allowed to user entity value to form another entity name.\u003c/li\u003e\n\u003cli\u003eyou cant add numeric external entity\u003c/li\u003e\n\u003cli\u003eentity error message when expantion limit is crossed might change\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003etypings are updated for new options related to process entity\u003c/li\u003e\n\u003cli\u003eplease follow documentation of \u003ccode\u003e@nodable/entities\u003c/code\u003e for more detail.\u003c/li\u003e\n\u003cli\u003eperformance\n\u003cul\u003e\n\u003cli\u003eif processEntities is false, then there should not be impact on performance.\u003c/li\u003e\n\u003cli\u003eif processEntities is true, but you dont pass entity decoder separately then performance may degrade by approx 8-10%\u003c/li\u003e\n\u003cli\u003eif processEntities is true, and you pass entity decoder separately\n\u003cul\u003e\n\u003cli\u003eif no entity then performance should be same as before\u003c/li\u003e\n\u003cli\u003eif there are entities then performance should be increased from past versions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eignoreAttributes is not required to be set to set xml version for NCR entity value\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eupdate 'fast-xml-builder' to sanitize malicious CDATA and comment's content\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.6.0 / 2026-04-15\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: entity replacement for numeric entities\u003c/li\u003e\n\u003cli\u003euse \u003ccode\u003e@​nodable/entities\u003c/code\u003e to replace entities\n\u003cul\u003e\n\u003cli\u003ethis may change some error messages related to entities expansion limit or inavlid use\u003c/li\u003e\n\u003cli\u003epost check would be exposed in future version\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/4bcee44a034ec99706b68b16e31f4072505b13e9\"\u003e\u003ccode\u003e4bcee44\u003c/code\u003e\u003c/a\u003e for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/8a287bf2524f0a3a4c32be7edaedced3a9839ab8\"\u003e\u003ccode\u003e8a287bf\u003c/code\u003e\u003c/a\u003e release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/50b01dcacb8fe21f986a9e7b55800bd96401fe58\"\u003e\u003ccode\u003e50b01dc\u003c/code\u003e\u003c/a\u003e Use \u0026quot;\u003ccode\u003e@​byspec/xml\u003c/code\u003e\u0026quot; for testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/816b652c83249edc1569c523f7bc3e13b3ef929c\"\u003e\u003ccode\u003e816b652\u003c/code\u003e\u003c/a\u003e update typings to mark validator use deprecated\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/8ad0e650bcdb05001b533f27bc01f2e873d87cc5\"\u003e\u003ccode\u003e8ad0e65\u003c/code\u003e\u003c/a\u003e update fast-xml-builder and strnum\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/58e967ed7f8208e4896b607cf5a057a5659f97c6\"\u003e\u003ccode\u003e58e967e\u003c/code\u003e\u003c/a\u003e integrate xml-naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/42fa3c3af8e0d59e9fe213785a1b204b39338d2b\"\u003e\u003ccode\u003e42fa3c3\u003c/code\u003e\u003c/a\u003e separate XML validator, UPDATE DOCS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/d6d80429b1d1f1420902e1cebac6fe7831ba0839\"\u003e\u003ccode\u003ed6d8042\u003c/code\u003e\u003c/a\u003e update to release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/d2633709699520c514208ea70e31adb6d71ab0e8\"\u003e\u003ccode\u003ed263370\u003c/code\u003e\u003c/a\u003e remove dev dependency 'he'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f9c9a2c19f819ab6fe0856ef4e94d6aa28fe1eec\"\u003e\u003ccode\u003ef9c9a2c\u003c/code\u003e\u003c/a\u003e update builder to 1.1.7\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.9...v5.8.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b...\n\n_Description has been truncated_","html_url":"https://github.com/Reality2byte/core/pull/611","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Reality2byte%2Fcore/issues/611","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/611/packages"},{"uuid":"4513395873","node_id":"PR_kwDOGn7O-c7e3L81","number":21,"state":"closed","title":"Bump the npm_and_yarn group across 16 directories with 20 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-25T03:02:50.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-25T00:09:50.000Z","updated_at":"2026-05-25T03:02:53.000Z","time_to_close":10380,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":20,"packages":[{"name":"express","old_version":"4.17.0","new_version":"4.22.0","repository_url":"https://github.com/expressjs/express"},{"name":"minimatch","old_version":"3.0.4","new_version":"3.1.4","repository_url":"https://github.com/isaacs/minimatch"},{"name":"tar","old_version":"4.4.10","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"devalue","old_version":"2.0.1","new_version":"5.8.1","repository_url":"https://github.com/sveltejs/devalue"},{"name":"uuid","old_version":"8.3.2","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"ws","old_version":"8.2.3","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.12.1","new_version":"7.29.4","repository_url":"https://github.com/babel/babel"},{"name":"bn.js","old_version":"4.11.9","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"flatted","old_version":"3.1.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.9.0","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"handlebars","old_version":"4.7.6","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"js-yaml","old_version":"3.13.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"jws","old_version":"3.2.2","new_version":"3.2.3","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"rollup","old_version":"2.35.1","new_version":"2.80.0","repository_url":"https://github.com/rollup/rollup"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 16 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [express](https://github.com/expressjs/express) | `4.17.0` | `4.22.0` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.4` |\n| [tar](https://github.com/isaacs/node-tar) | `4.4.10` | `7.5.11` |\n| [devalue](https://github.com/sveltejs/devalue) | `2.0.1` | `5.8.1` |\n| [uuid](https://github.com/uuidjs/uuid) | `8.3.2` | `14.0.0` |\n| [ws](https://github.com/websockets/ws) | `8.2.3` | `8.20.1` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.12.1` | `7.29.4` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.11.9` | `4.12.3` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.1.1` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.9.0` | `1.16.0` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.6` | `4.7.9` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.13.1` | `3.14.2` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [rollup](https://github.com/rollup/rollup) | `2.35.1` | `2.80.0` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n\nBumps the npm_and_yarn group with 1 update in the /examples/api-routes-apollo-server-and-client-auth directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /examples/api-routes-rate-limit directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /examples/auth-with-stytch directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/blog-with-comment directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/styled-jsx-with-csp directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/using-preact directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-aws-amplify-typescript directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-i18n-next-intl directory: [next-intl](https://github.com/amannn/next-intl).\nBumps the npm_and_yarn group with 1 update in the /examples/with-next-translate directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-nhost-auth-realtime-graphql directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-paste-typescript directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-react-intl directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-redis directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /examples/with-tesfy directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 3 updates in the /packages/next directory: [devalue](https://github.com/sveltejs/devalue), [uuid](https://github.com/uuidjs/uuid) and [ws](https://github.com/websockets/ws).\n\nUpdates `express` from 4.17.0 to 4.22.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003e\u0026quot;back\u0026quot;\u003c/code\u003e magic string in redirects by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5935\"\u003eexpressjs/express#5935\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efinalhandler@1.3.1 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5954\"\u003eexpressjs/express#5954\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): serve-static@1.16.2 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5951\"\u003eexpressjs/express#5951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgraded dependency qs to 6.13.0 to match qs in body-parser by \u003ca href=\"https://github.com/agadzinski93\"\u003e\u003ccode\u003e@​agadzinski93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5946\"\u003eexpressjs/express#5946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agadzinski93\"\u003e\u003ccode\u003e@​agadzinski93\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5946\"\u003eexpressjs/express#5946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/4.22.0/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eWill be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.19.2 / 2024-03-25\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/3a5edfaff06f1a2c7079b08d0635108b371eddfd\"\u003e\u003ccode\u003e3a5edfa\u003c/code\u003e\u003c/a\u003e fix(ci): updated github actions ci workflow (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6323\"\u003e#6323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/52d978119a7af27667cce5d99ac0739dc269d818\"\u003e\u003ccode\u003e52d9781\u003c/code\u003e\u003c/a\u003e fix(test): add test for method routes without paths \u003ca href=\"https://redirect.github.com/expressjs/express/issues/5955\"\u003e#5955\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.17.0...4.22.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.0.4 to 3.1.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9c31b2d4e0af72a6c2d2d62c5dbc2247da669802\"\u003e\u003ccode\u003e9c31b2d\u003c/code\u003e\u003c/a\u003e update test expectations for coalesced consecutive stars\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/46fe687857cf02f6cf45469cc593b97e11b10c96\"\u003e\u003ccode\u003e46fe687\u003c/code\u003e\u003c/a\u003e coalesce consecutive non-globstar * characters\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/5a9ccbda64befc5d94b965534dbea2853c92aebd\"\u003e\u003ccode\u003e5a9ccbd\u003c/code\u003e\u003c/a\u003e [meta] update publishConfig.tag to legacy-v3\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 4.4.10 to 7.5.11\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-tar/releases\"\u003etar's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.13\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-tar/compare/v6.1.12...v6.1.13\"\u003e6.1.13\u003c/a\u003e (2022-12-07)\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-tar/commit/cc4e0ddfe523a0bce383846a67442c637a65d486\"\u003e\u003ccode\u003ecc4e0dd\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-tar/pull/343\"\u003e#343\u003c/a\u003e bump minipass from 3.3.6 to 4.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.12\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-tar/compare/v6.1.11...v6.1.12\"\u003e6.1.12\u003c/a\u003e (2022-10-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-tar/commit/57493ee66ece50d62114e02914282fc37be3a91a\"\u003e\u003ccode\u003e57493ee\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-tar/pull/332\"\u003e#332\u003c/a\u003e ensuring close event is emited after stream has ended (\u003ca href=\"https://github.com/webark\"\u003e\u003ccode\u003e@​webark\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-tar/commit/b003c64f624332e24e19b30dc011069bb6708680\"\u003e\u003ccode\u003eb003c64\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-tar/pull/314\"\u003e#314\u003c/a\u003e replace deprecated String.prototype.substr() (\u003ca href=\"https://redirect.github.com/isaacs/node-tar/issues/314\"\u003e#314\u003c/a\u003e) (\u003ca href=\"https://github.com/CommanderRoot\"\u003e\u003ccode\u003e@​CommanderRoot\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukekarrys\"\u003e\u003ccode\u003e@​lukekarrys\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-tar/commit/f12992932f171ea248b27fad95e7d489a56d31ed\"\u003e\u003ccode\u003ef129929\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-tar/pull/313\"\u003e#313\u003c/a\u003e remove dead link to benchmarks (\u003ca href=\"https://redirect.github.com/isaacs/node-tar/issues/313\"\u003e#313\u003c/a\u003e) (\u003ca href=\"https://github.com/yetzt\"\u003e\u003ccode\u003e@​yetzt\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-tar/commit/c1faa9f44001dfb0bc7638b2850eb6058bd56a4a\"\u003e\u003ccode\u003ec1faa9f\u003c/code\u003e\u003c/a\u003e add examples/explanation of using tar.t (\u003ca href=\"https://github.com/isaacs\"\u003e\u003ccode\u003e@​isaacs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md\"\u003etar's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e7.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003ezstd\u003c/code\u003e compression support.\u003c/li\u003e\n\u003cli\u003eConsistent TOCTOU behavior in sync t.list\u003c/li\u003e\n\u003cli\u003eOnly read from ustar block if not specified in Pax\u003c/li\u003e\n\u003cli\u003eFix sync tar.list when file size reduces while reading\u003c/li\u003e\n\u003cli\u003eSanitize absolute linkpaths properly\u003c/li\u003e\n\u003cli\u003ePrevent writing hardlink entries to the archive ahead of their\nfile target\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eonentry\u003c/code\u003e in favor of \u003ccode\u003eonReadEntry\u003c/code\u003e for clarity.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eonWriteEntry\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDRY the command definitions into a single \u003ccode\u003emakeCommand\u003c/code\u003e method,\nand update the type signatures to more appropriately infer the\nreturn type from the options and arguments provided.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate minipass to v7.1.0\u003c/li\u003e\n\u003cli\u003eUpdate the type definitions of \u003ccode\u003ewrite()\u003c/code\u003e and \u003ccode\u003eend()\u003c/code\u003e methods on\n\u003ccode\u003eUnpack\u003c/code\u003e and \u003ccode\u003eParser\u003c/code\u003e classes to be compatible with the\nNodeJS.WritableStream type in the latest versions of\n\u003ccode\u003e@types/node\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node \u0026lt;18\u003c/li\u003e\n\u003cli\u003eRewrite in TypeScript, provide ESM and CommonJS hybrid\ninterface\u003c/li\u003e\n\u003cli\u003eAdd tree-shake friendly exports, like \u003ccode\u003eimport('tar/create')\u003c/code\u003e\nand \u003ccode\u003eimport('tar/read-entry')\u003c/code\u003e to get individual functions or\nclasses.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003echmod\u003c/code\u003e option that defaults to false, and deprecate\n\u003ccode\u003enoChmod\u003c/code\u003e. That is, reverse the default option regarding\nexplicitly setting file system modes to match tar entry\nsettings.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eprocessUmask\u003c/code\u003e option to avoid having to call\n\u003ccode\u003eprocess.umask()\u003c/code\u003e when \u003ccode\u003echmod: true\u003c/code\u003e (or \u003ccode\u003enoChmod: false\u003c/code\u003e) is\nset.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2b72abc1d47c3570e1ad95c9ab557fc4c2e6e4b1\"\u003e\u003ccode\u003e2b72abc\u003c/code\u003e\u003c/a\u003e 7.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f\"\u003e\u003ccode\u003e7bc755d\u003c/code\u003e\u003c/a\u003e parse root off paths before sanitizing .. parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/c8cb84629dee649feedde03f2f4ea48f2e44e778\"\u003e\u003ccode\u003ec8cb846\u003c/code\u003e\u003c/a\u003e update deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/1f0c2c9006b10199cf2686f8ef43e79a1773e1aa\"\u003e\u003ccode\u003e1f0c2c9\u003c/code\u003e\u003c/a\u003e 7.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/fbb08518bf290733b68ca4d4135f75becf73fd75\"\u003e\u003ccode\u003efbb0851\u003c/code\u003e\u003c/a\u003e build minified version as default export\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/6b8eba0ef367ac937e703238daa6df94ae6f823f\"\u003e\u003ccode\u003e6b8eba0\u003c/code\u003e\u003c/a\u003e 7.5.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2cb1120bcefe28d7ecc719b41441ade59c52e384\"\u003e\u003ccode\u003e2cb1120\u003c/code\u003e\u003c/a\u003e fix(unpack): improve UnpackSync symlink error \u0026quot;into\u0026quot; path accuracy\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v4.4.10...v7.5.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `devalue` from 2.0.1 to 5.8.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/releases\"\u003edevalue's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0f04d4d: fix: Properly handle \u003ccode\u003e__proto__\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e819f1ac: fix: better encoding for sparse arrays\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/blob/main/CHANGELOG.md\"\u003edevalue's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0f04d4d: fix: Properly handle \u003ccode\u003e__proto__\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e819f1ac: fix: better encoding for sparse arrays\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/796ea83a76eb7e0f2af376f9c2c875f1d057f50f\"\u003e\u003ccode\u003e796ea83\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/152\"\u003e#152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/206ca6712fbc380a4571c59de9ab04b91110792d\"\u003e\u003ccode\u003e206ca67\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/14933f78ff6b712829162628682b0a1993e75d19\"\u003e\u003ccode\u003e14933f7\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/151\"\u003e#151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/c5115b0074ec298fb4077f6cee5616cefbd13902\"\u003e\u003ccode\u003ec5115b0\u003c/code\u003e\u003c/a\u003e feat: \u003ccode\u003estringifyAsync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/150\"\u003e#150\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/67dad450b5db18ea9aa3059d334d8b0ee6704d9e\"\u003e\u003ccode\u003e67dad45\u003c/code\u003e\u003c/a\u003e docs: update README to reflect serialization stability non-goal (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/147\"\u003e#147\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/6eb920a7db6fe388f24f640d0e4e874a57f148fb\"\u003e\u003ccode\u003e6eb920a\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/8becc7c436f0d4f85e2e5b32cb49dcfdf4fdec42\"\u003e\u003ccode\u003e8becc7c\u003c/code\u003e\u003c/a\u003e fix: handle regexes consistently in uneval's value and reference formats (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/2eee2e435ea0ea3d495dc7a266486df95a4eb6ed\"\u003e\u003ccode\u003e2eee2e4\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/498656e75d36dfc63a386240722bdeac63337b25\"\u003e\u003ccode\u003e498656e\u003c/code\u003e\u003c/a\u003e DataView support (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/5590634db53ed555d3ce2e2024924b30352a6afc\"\u003e\u003ccode\u003e5590634\u003c/code\u003e\u003c/a\u003e Improve platform types support (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sveltejs/devalue/compare/v2.0.1...v5.8.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for devalue since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 8.3.2 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v8.3.2...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.2.3 to 8.20.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an uninitialized memory disclosure issue in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\n(c0327ec1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding a \u003ccode\u003eTypedArray\u003c/code\u003e (e.g. \u003ccode\u003eFloat32Array\u003c/code\u003e) as the \u003ccode\u003ereason\u003c/code\u003e argument for\n\u003ccode\u003ewebsocket.close()\u003c/code\u003e, rather than the supported string or \u003ccode\u003eBuffer\u003c/code\u003e types, caused\nuninitialized memory to be disclosed to the remote peer.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { deepStrictEqual } from 'node:assert';\r\nimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer(\n{ port: 0, skipUTF8Validation: true },\nfunction () {\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e, {\nskipUTF8Validation: true\n});\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ews.on('close', function (code, reason) {\r\n  deepStrictEqual(reason, Buffer.alloc(80));\r\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e}\n);\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.close(1000, new Float32Array(20));\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe issue was privately reported by \u003ca href=\"https://github.com/ChALkeR\"\u003eNikita Skovoroda\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e8.20.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded exports for the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and utilities for the\n\u003ccode\u003eSec-WebSocket-Extensions\u003c/code\u003e and \u003ccode\u003eSec-WebSocket-Protocol\u003c/code\u003e headers (d3503c1f).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.19.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecloseTimeout\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2308\"\u003e#2308\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eHandled a forthcoming breaking change in Node.js core (19984854).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/843925544e2f4cffe445e0179947f56d6c5b608f\"\u003e\u003ccode\u003e8439255\u003c/code\u003e\u003c/a\u003e [dist] 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d3503c1fd36a310985108f62b343bae18346ab67\"\u003e\u003ccode\u003ed3503c1\u003c/code\u003e\u003c/a\u003e [minor] Export the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and header utils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/3ee5349a0b1580f6e1f347b59ec3371011bd8481\"\u003e\u003ccode\u003e3ee5349\u003c/code\u003e\u003c/a\u003e [api] Convert the \u003ccode\u003eisServer\u003c/code\u003e and \u003ccode\u003emaxPayload\u003c/code\u003e parameters to options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/91707b470ebd803aaa3fd1e896217740f39267d4\"\u003e\u003ccode\u003e91707b4\u003c/code\u003e\u003c/a\u003e [doc] Add missing space\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8b553192268810a83253e2a4a39ac16768e75bb3\"\u003e\u003ccode\u003e8b55319\u003c/code\u003e\u003c/a\u003e [pkg] Update eslint to version 10.0.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.2.3...8.20.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.12.1 to 7.29.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17782\"\u003e#17782\u003c/a\u003e Improve trailing comma comment handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:memo: Documentation\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17847\"\u003e#17847\u003c/a\u003e Replace npmjs.com links with npmx.dev (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-import-to-platform-api\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-modules\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17818\"\u003e#17818\u003c/a\u003e Load async Wasm and JSON imports in parallel (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 4\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBabel Bot (\u003ca href=\"https://github.com/babel-bot\"\u003e\u003ccode\u003e@​babel-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cd24cc07ef6558b7f6510f9177f6393c91b0549f\"\u003e\u003ccode\u003ecd24cc0\u003c/code\u003e\u003c/a\u003e chore: Update TS 5.7 (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17053\"\u003e#17053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.4/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.11.9 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c4098bac2470418f8e0f6bf11fe0cb676a2b9047\"\u003e\u003ccode\u003ec4098ba\u003c/code\u003e\u003c/a\u003e 4.12.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6277fd705e51edae1c404c65f03ba2e512706945\"\u003e\u003ccode\u003e6277fd7\u003c/code\u003e\u003c/a\u003e backport(4.x): Fix imuln/muln with zero (backport of \u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ac0d4afaae91701815b9edc19789e44e7690d688\"\u003e\u003ccode\u003eac0d4af\u003c/code\u003e\u003c/a\u003e 4.12.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/a5f14b43ec61bc7cafc6de2e7444913b9f581b00\"\u003e\u003ccode\u003ea5f14b4\u003c/code\u003e\u003c/a\u003e Fix serious issue in \u003ccode\u003e.toString(16)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/309\"\u003e#309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/0cd2661b9d08512263c940662586042ef8aaccc6\"\u003e\u003ccode\u003e0cd2661\u003c/code\u003e\u003c/a\u003e Remove package-lock.json added by npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/84ae31344a557abb78ddabe3bac923b7503e4fb5\"\u003e\u003ccode\u003e84ae313\u003c/code\u003e\u003c/a\u003e 4.12.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/967ed0a50a9400bbbd83b450550cf37f7fa178b9\"\u003e\u003ccode\u003e967ed0a\u003c/code\u003e\u003c/a\u003e fix: Buffer not using global in browser (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/260\"\u003e#260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/61962320d7907a1a4d03a665782cb2733160c907\"\u003e\u003ccode\u003e6196232\u003c/code\u003e\u003c/a\u003e Fix LE constructor for HEX (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.11.9...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.1.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.1.1...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.9.0 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.9.0...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.7.6 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md\"\u003ehandlebars's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9 - March 26th, 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8 - July 27th, 2023\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1...\n\n_Description has been truncated_","html_url":"https://github.com/jcstein/next.js/pull/21","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/jcstein%2Fnext.js/issues/21","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/21/packages"},{"uuid":"4511317616","node_id":"PR_kwDOOEg8ic7ew9uL","number":25,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 11 directories with 16 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-24T11:02:38.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-24T11:01:14.000Z","updated_at":"2026-05-24T11:02:40.000Z","time_to_close":84,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":16,"packages":[{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"uuid","old_version":"8.3.2","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"bn.js","old_version":"5.2.1","new_version":"5.2.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"@babel/runtime","old_version":"7.25.4","new_version":"7.26.10","repository_url":"https://github.com/babel/babel"},{"name":"tar","old_version":"7.4.3","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"axios","old_version":"1.7.5","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"base-x","old_version":"3.0.10","new_version":"3.0.11","repository_url":"https://github.com/cryptocoinjs/base-x"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"fast-xml-parser","old_version":"4.4.1","new_version":"4.5.6","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"flatted","old_version":"3.3.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 15 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [uuid](https://github.com/uuidjs/uuid) | `8.3.2` | `14.0.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `5.2.1` | `5.2.3` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.25.4` | `7.26.10` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.11` |\n| [axios](https://github.com/axios/axios) | `1.7.5` | `1.16.1` |\n| [base-x](https://github.com/cryptocoinjs/base-x) | `3.0.10` | `3.0.11` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.4.1` | `4.5.6` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.1` | `3.4.2` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/accounts-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/assets-controllers directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/eth-json-rpc-provider directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/gas-fee-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/keyring-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/logging-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/message-manager directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/polling-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/signature-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/transaction-controller directory: [uuid](https://github.com/uuidjs/uuid).\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 8.3.2 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v8.3.2...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 5.2.1 to 5.2.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/indutny/bn.js/blob/master/CHANGELOG.md\"\u003ebn.js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.3 / 2026-02-19\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2 / 2025-04-25\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: imuln/muln with zero (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ea6c072a951493ca99e5cd5f8da3851b90116271\"\u003e\u003ccode\u003eea6c072\u003c/code\u003e\u003c/a\u003e 5.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/33df26b5771e824f303a79ec6407409376baa64b\"\u003e\u003ccode\u003e33df26b\u003c/code\u003e\u003c/a\u003e fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6db7c3818569423b94ebcf2bdff90fcfb9c47f6d\"\u003e\u003ccode\u003e6db7c38\u003c/code\u003e\u003c/a\u003e 5.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c7e1a532566c83fd0297ff7669c227b824928bf4\"\u003e\u003ccode\u003ec7e1a53\u003c/code\u003e\u003c/a\u003e Fix imuln/muln with zero (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/4cc0bfa5195d54876a6b807827e582522c813019\"\u003e\u003ccode\u003e4cc0bfa\u003c/code\u003e\u003c/a\u003e docs: mention the max plain JS number argument value (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/307\"\u003e#307\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/5df40f81ea8afb835b909bb7c21e0833cdeb6a30\"\u003e\u003ccode\u003e5df40f8\u003c/code\u003e\u003c/a\u003e Document \u003ccode\u003elength\u003c/code\u003e unit in \u003ccode\u003etoBuffer(...)\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/299\"\u003e#299\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v5.2.1...v5.2.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/runtime` from 7.25.4 to 7.26.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/runtime's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.26.10 (2025-03-11)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/jordan-choi\"\u003e\u003ccode\u003e@​jordan-choi\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/mmmsssttt404\"\u003e\u003ccode\u003e@​mmmsssttt404\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003cp\u003eThis release includes a fix for \u003ca href=\"https://github.com/babel/babel/security/advisories/GHSA-968p-4wvh-cqc8\"\u003ehttps://github.com/babel/babel/security/advisories/GHSA-968p-4wvh-cqc8\u003c/a\u003e, a security vulnerability which affects the \u003ccode\u003e.replace\u003c/code\u003e method of transpiled regular expressions that use named capturing groups.\u003c/p\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17159\"\u003e#17159\u003c/a\u003e Disallow decorator in array pattern (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e, \u003ccode\u003ebabel-template\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17164\"\u003e#17164\u003c/a\u003e Fix: always initialize ExportDeclaration attributes (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17142\"\u003e#17142\u003c/a\u003e fix: \u0026quot;Map maximum size exceeded\u0026quot; in deepClone (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-typescript\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17154\"\u003e#17154\u003c/a\u003e Update typescript parser tests (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17151\"\u003e#17151\u003c/a\u003e fix: Should not evaluate vars in child scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17153\"\u003e#17153\u003c/a\u003e fix: Correctly generate \u003ccode\u003eabstract override\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17107\"\u003e#17107\u003c/a\u003e Fix source type detection when parsing TypeScript (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-runtime\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs2\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17173\"\u003e#17173\u003c/a\u003e Fix processing of replacement pattern with named capture groups (\u003ca href=\"https://github.com/%5Bmmmsssttt404%5D(https://github.com/mmmsssttt404)\"\u003e\u003ccode\u003e@​mmmsssttt404\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17158\"\u003e#17158\u003c/a\u003e Avoid warnings when re-bundling \u003ccode\u003e@​babel/standalone\u003c/code\u003e with webpack (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17160\"\u003e#17160\u003c/a\u003e Left-value parsing cleanup (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBabel Bot (\u003ca href=\"https://github.com/babel-bot\"\u003e\u003ccode\u003e@​babel-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eYunyoung Jordan Choi (\u003ca href=\"https://github.com/jordan-choi\"\u003e\u003ccode\u003e@​jordan-choi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mmmsssttt404\"\u003e\u003ccode\u003e@​mmmsssttt404\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.26.9 (2025-02-14)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17103\"\u003e#17103\u003c/a\u003e fix: Definition for \u003ccode\u003eTSPropertySignature.kind\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17062\"\u003e#17062\u003c/a\u003e Print TypeScript optional/definite in ClassPrivateProperty (\u003ca href=\"https://github.com/jamiebuilds-signal\"\u003e\u003ccode\u003e@​jamiebuilds-signal\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/e1ce99df422971175249509e7bbc2b327b8f7957\"\u003e\u003ccode\u003ee1ce99d\u003c/code\u003e\u003c/a\u003e v7.26.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d5952e80c0faa5ec20e35085531b6e572d31dad4\"\u003e\u003ccode\u003ed5952e8\u003c/code\u003e\u003c/a\u003e Fix processing of replacement pattern with named capture groups (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17173\"\u003e#17173\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/64bca7b5f308cd52c192a5c821a57f6d1b0475f4\"\u003e\u003ccode\u003e64bca7b\u003c/code\u003e\u003c/a\u003e v7.26.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/2d9514066e3b135835ed93246ebbcdb7ca0263ca\"\u003e\u003ccode\u003e2d95140\u003c/code\u003e\u003c/a\u003e v7.26.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/63d30381c169780460e01bdb6669c5e01af1dfbe\"\u003e\u003ccode\u003e63d3038\u003c/code\u003e\u003c/a\u003e v7.26.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/b07957ebb316a1e2fc67454fc7423508bb942e63\"\u003e\u003ccode\u003eb07957e\u003c/code\u003e\u003c/a\u003e v7.25.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/af917594e4df3decdde2ce0b1614d607b27367a5\"\u003e\u003ccode\u003eaf91759\u003c/code\u003e\u003c/a\u003e fix: Accidentally publishing useless files (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/16917\"\u003e#16917\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/2533cfb0c1d90140f320f1e03d41e20407ca30bf\"\u003e\u003ccode\u003e2533cfb\u003c/code\u003e\u003c/a\u003e v7.25.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/69d65f1aef74de135a8b262bb9770a41e97b7476\"\u003e\u003ccode\u003e69d65f1\u003c/code\u003e\u003c/a\u003e [babel 8] Require Node.js \u003ccode\u003e^18.20.0 || ^20.17.0 || \u0026gt;=22.8.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/16800\"\u003e#16800\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/2f72b978f9acc68d065e7da10c8e270d6f96b7c4\"\u003e\u003ccode\u003e2f72b97\u003c/code\u003e\u003c/a\u003e v7.25.6\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/babel/babel/commits/v7.26.10/packages/babel-runtime\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.4.3 to 7.5.11\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md\"\u003etar's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e7.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003ezstd\u003c/code\u003e compression support.\u003c/li\u003e\n\u003cli\u003eConsistent TOCTOU behavior in sync t.list\u003c/li\u003e\n\u003cli\u003eOnly read from ustar block if not specified in Pax\u003c/li\u003e\n\u003cli\u003eFix sync tar.list when file size reduces while reading\u003c/li\u003e\n\u003cli\u003eSanitize absolute linkpaths properly\u003c/li\u003e\n\u003cli\u003ePrevent writing hardlink entries to the archive ahead of their\nfile target\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eonentry\u003c/code\u003e in favor of \u003ccode\u003eonReadEntry\u003c/code\u003e for clarity.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eonWriteEntry\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDRY the command definitions into a single \u003ccode\u003emakeCommand\u003c/code\u003e method,\nand update the type signatures to more appropriately infer the\nreturn type from the options and arguments provided.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate minipass to v7.1.0\u003c/li\u003e\n\u003cli\u003eUpdate the type definitions of \u003ccode\u003ewrite()\u003c/code\u003e and \u003ccode\u003eend()\u003c/code\u003e methods on\n\u003ccode\u003eUnpack\u003c/code\u003e and \u003ccode\u003eParser\u003c/code\u003e classes to be compatible with the\nNodeJS.WritableStream type in the latest versions of\n\u003ccode\u003e@types/node\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node \u0026lt;18\u003c/li\u003e\n\u003cli\u003eRewrite in TypeScript, provide ESM and CommonJS hybrid\ninterface\u003c/li\u003e\n\u003cli\u003eAdd tree-shake friendly exports, like \u003ccode\u003eimport('tar/create')\u003c/code\u003e\nand \u003ccode\u003eimport('tar/read-entry')\u003c/code\u003e to get individual functions or\nclasses.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003echmod\u003c/code\u003e option that defaults to false, and deprecate\n\u003ccode\u003enoChmod\u003c/code\u003e. That is, reverse the default option regarding\nexplicitly setting file system modes to match tar entry\nsettings.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eprocessUmask\u003c/code\u003e option to avoid having to call\n\u003ccode\u003eprocess.umask()\u003c/code\u003e when \u003ccode\u003echmod: true\u003c/code\u003e (or \u003ccode\u003enoChmod: false\u003c/code\u003e) is\nset.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2b72abc1d47c3570e1ad95c9ab557fc4c2e6e4b1\"\u003e\u003ccode\u003e2b72abc\u003c/code\u003e\u003c/a\u003e 7.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f\"\u003e\u003ccode\u003e7bc755d\u003c/code\u003e\u003c/a\u003e parse root off paths before sanitizing .. parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/c8cb84629dee649feedde03f2f4ea48f2e44e778\"\u003e\u003ccode\u003ec8cb846\u003c/code\u003e\u003c/a\u003e update deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/1f0c2c9006b10199cf2686f8ef43e79a1773e1aa\"\u003e\u003ccode\u003e1f0c2c9\u003c/code\u003e\u003c/a\u003e 7.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/fbb08518bf290733b68ca4d4135f75becf73fd75\"\u003e\u003ccode\u003efbb0851\u003c/code\u003e\u003c/a\u003e build minified version as default export\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/6b8eba0ef367ac937e703238daa6df94ae6f823f\"\u003e\u003ccode\u003e6b8eba0\u003c/code\u003e\u003c/a\u003e 7.5.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2cb1120bcefe28d7ecc719b41441ade59c52e384\"\u003e\u003ccode\u003e2cb1120\u003c/code\u003e\u003c/a\u003e fix(unpack): improve UnpackSync symlink error \u0026quot;into\u0026quot; path accuracy\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.4.3...v7.5.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.7.5 to 1.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1337d6b537afb2d3f501074c8ac4ef4308221197\"\u003e\u003ccode\u003e1337d6b\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10877\"\u003e#10877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/858a790cec06054547d0d3f941916d6fb2a4d18e\"\u003e\u003ccode\u003e858a790\u003c/code\u003e\u003c/a\u003e fix: remove all caches (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/34adfd90efc9c145488399e1cf7fa96de67080fa\"\u003e\u003ccode\u003e34adfd9\u003c/code\u003e\u003c/a\u003e revert: \u0026quot;fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/847d89b43654405d9a231e0b669832c2092b621f\"\u003e\u003ccode\u003e847d89b\u003c/code\u003e\u003c/a\u003e fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/40948863677bb793bfff0293cce7e7b4f8a1b212\"\u003e\u003ccode\u003e4094886\u003c/code\u003e\u003c/a\u003e fix(progress): guard malformed XHR upload events (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44f0c5bf73c45df6009365141faa394d73596bd7\"\u003e\u003ccode\u003e44f0c5b\u003c/code\u003e\u003c/a\u003e chore: change sponsorship link and add Twicsy advertisement (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/64e1095efedc64c9fecf5176bd9cf2e5e93140d6\"\u003e\u003ccode\u003e64e1095\u003c/code\u003e\u003c/a\u003e chore: update PR and issue template to use h2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10865\"\u003e#10865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3e6b4e1f311b43aa1dc77d78150a601d9fe4b280\"\u003e\u003ccode\u003e3e6b4e1\u003c/code\u003e\u003c/a\u003e fix: error unexpected token in fetch JS compatibility issue with Webpack 4 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c4453bab70f53575175903aee60810c821f72129\"\u003e\u003ccode\u003ec4453ba\u003c/code\u003e\u003c/a\u003e fix: add the ability to add additional sponsors to the process sponsors scrip...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/caa00a90b524bb67ed033474abcf4d8645ced793\"\u003e\u003ccode\u003ecaa00a9\u003c/code\u003e\u003c/a\u003e fix: https data in cleartext to proxy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.7.5...v1.16.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `base-x` from 3.0.10 to 3.0.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/043a888a9bae09bc4b40500e37792e2c6398e9f2\"\u003e\u003ccode\u003e043a888\u003c/code\u003e\u003c/a\u003e 3.0.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/2705dddd2565b455641985974b534291d8defb31\"\u003e\u003ccode\u003e2705ddd\u003c/code\u003e\u003c/a\u003e [backport 3.x] Prohibit char codes that would overflow the \u003ccode\u003eBASE_MAP\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cryptocoinjs/base-x/compare/v3.0.10...v3.0.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 4.4.1 to 4.5.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSummary update on all the previous releases from v4.2.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMultiple minor fixes provided in the validator and parser\u003c/li\u003e\n\u003cli\u003ev6 is added for experimental use.\u003c/li\u003e\n\u003cli\u003eignoreAttributes support function, and array of string or regex\u003c/li\u003e\n\u003cli\u003eAdd support for parsing HTML numeric entities\u003c/li\u003e\n\u003cli\u003ev5 of the application is ESM module now. However, JS is also supported\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote\u003c/strong\u003e: Release section in not updated frequently. Please check \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003eCHANGELOG\u003c/a\u003e or \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/tags\"\u003eTags\u003c/a\u003e for latest release information.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/42fbb0bc95e753e03fe52cb0805a8774bba4bf28\"\u003e\u003ccode\u003e42fbb0b\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/805671cb6c19108b171b876cf3e8865f18cdb8fd\"\u003e\u003ccode\u003e805671c\u003c/code\u003e\u003c/a\u003e increase expansion limit as many system need it\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/9a2cf097c2961d4ad878f618e39fb0a9f5a0e9e5\"\u003e\u003ccode\u003e9a2cf09\u003c/code\u003e\u003c/a\u003e update version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/88d0936a23dabe51bfbf42255e2ce912dfee2221\"\u003e\u003ccode\u003e88d0936\u003c/code\u003e\u003c/a\u003e apply all fixes from v5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/d4eb6b4713a8d11e6730943392419040898ecbc0\"\u003e\u003ccode\u003ed4eb6b4\u003c/code\u003e\u003c/a\u003e update release version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/b1b9f633ff30cb4708337355c2789f08bc0558d2\"\u003e\u003ccode\u003eb1b9f63\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/faccca126e1db96b90084adda6fbe2ea2ed434e7\"\u003e\u003ccode\u003efaccca1\u003c/code\u003e\u003c/a\u003e sync with v5.3.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/ab00cdc49c681b44effbe95d6ee4392616a74aaa\"\u003e\u003ccode\u003eab00cdc\u003c/code\u003e\u003c/a\u003e update package bundle for minor fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/57c61876b47be10616ba47da904c8add26efcb58\"\u003e\u003ccode\u003e57c6187\u003c/code\u003e\u003c/a\u003e Update ReadMe\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/caeda37ebd919c799bf06ccf2f80d1e90e99d474\"\u003e\u003ccode\u003ecaeda37\u003c/code\u003e\u003c/a\u003e fix: emit full JSON string from CLI when no output filename specified (\u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/710\"\u003e#710\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v4.4.1...v4.5.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.1...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.15.6 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.15.6...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 3.0.1 to 3.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.3...v3.0.4\"\u003ev3.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] update linting config \u003ca href=\"https://github.com/form-data/form-data/commit/f5e7eb024bc3fc7e2074ff80f143a4f4cbc1dbda\"\u003e\u003ccode\u003ef5e7eb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c...\n\n_Description has been truncated_","html_url":"https://github.com/Web3Auth/core/pull/25","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Web3Auth%2Fcore/issues/25","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/25/packages"},{"uuid":"4511268663","node_id":"PR_kwDOGn7O-c7ewz4S","number":19,"state":"closed","title":"Bump the npm_and_yarn group across 13 directories with 20 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-24T23:53:28.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-24T10:42:32.000Z","updated_at":"2026-05-24T23:53:30.000Z","time_to_close":47456,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":20,"packages":[{"name":"express","old_version":"4.17.0","new_version":"4.22.0","repository_url":"https://github.com/expressjs/express"},{"name":"minimatch","old_version":"3.0.4","new_version":"3.1.4","repository_url":"https://github.com/isaacs/minimatch"},{"name":"tar","old_version":"4.4.10","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"devalue","old_version":"2.0.1","new_version":"5.8.1","repository_url":"https://github.com/sveltejs/devalue"},{"name":"uuid","old_version":"8.3.2","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"ws","old_version":"8.2.3","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.12.1","new_version":"7.29.4","repository_url":"https://github.com/babel/babel"},{"name":"bn.js","old_version":"4.11.9","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"flatted","old_version":"3.1.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.9.0","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"handlebars","old_version":"4.7.6","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"js-yaml","old_version":"3.13.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"jws","old_version":"3.2.2","new_version":"3.2.3","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"rollup","old_version":"2.35.1","new_version":"2.80.0","repository_url":"https://github.com/rollup/rollup"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 16 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [express](https://github.com/expressjs/express) | `4.17.0` | `4.22.0` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.4` |\n| [tar](https://github.com/isaacs/node-tar) | `4.4.10` | `7.5.11` |\n| [devalue](https://github.com/sveltejs/devalue) | `2.0.1` | `5.8.1` |\n| [uuid](https://github.com/uuidjs/uuid) | `8.3.2` | `14.0.0` |\n| [ws](https://github.com/websockets/ws) | `8.2.3` | `8.20.1` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.12.1` | `7.29.4` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.11.9` | `4.12.3` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.1.1` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.9.0` | `1.16.0` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.6` | `4.7.9` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.13.1` | `3.14.2` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [rollup](https://github.com/rollup/rollup) | `2.35.1` | `2.80.0` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n\nBumps the npm_and_yarn group with 1 update in the /examples/auth-with-stytch directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/blog-with-comment directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/styled-jsx-with-csp directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/using-preact directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-aws-amplify-typescript directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-i18n-next-intl directory: [next-intl](https://github.com/amannn/next-intl).\nBumps the npm_and_yarn group with 1 update in the /examples/with-next-translate directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-nhost-auth-realtime-graphql directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-paste-typescript directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-react-intl directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-redis directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 3 updates in the /packages/next directory: [devalue](https://github.com/sveltejs/devalue), [uuid](https://github.com/uuidjs/uuid) and [ws](https://github.com/websockets/ws).\n\nUpdates `express` from 4.17.0 to 4.22.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003e\u0026quot;back\u0026quot;\u003c/code\u003e magic string in redirects by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5935\"\u003eexpressjs/express#5935\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efinalhandler@1.3.1 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5954\"\u003eexpressjs/express#5954\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): serve-static@1.16.2 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5951\"\u003eexpressjs/express#5951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgraded dependency qs to 6.13.0 to match qs in body-parser by \u003ca href=\"https://github.com/agadzinski93\"\u003e\u003ccode\u003e@​agadzinski93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5946\"\u003eexpressjs/express#5946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agadzinski93\"\u003e\u003ccode\u003e@​agadzinski93\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5946\"\u003eexpressjs/express#5946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/4.22.0/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eWill be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.19.2 / 2024-03-25\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/3a5edfaff06f1a2c7079b08d0635108b371eddfd\"\u003e\u003ccode\u003e3a5edfa\u003c/code\u003e\u003c/a\u003e fix(ci): updated github actions ci workflow (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6323\"\u003e#6323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/52d978119a7af27667cce5d99ac0739dc269d818\"\u003e\u003ccode\u003e52d9781\u003c/code\u003e\u003c/a\u003e fix(test): add test for method routes without paths \u003ca href=\"https://redirect.github.com/expressjs/express/issues/5955\"\u003e#5955\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.17.0...4.22.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.0.4 to 3.1.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9c31b2d4e0af72a6c2d2d62c5dbc2247da669802\"\u003e\u003ccode\u003e9c31b2d\u003c/code\u003e\u003c/a\u003e update test expectations for coalesced consecutive stars\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/46fe687857cf02f6cf45469cc593b97e11b10c96\"\u003e\u003ccode\u003e46fe687\u003c/code\u003e\u003c/a\u003e coalesce consecutive non-globstar * characters\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/5a9ccbda64befc5d94b965534dbea2853c92aebd\"\u003e\u003ccode\u003e5a9ccbd\u003c/code\u003e\u003c/a\u003e [meta] update publishConfig.tag to legacy-v3\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 4.4.10 to 7.5.11\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-tar/releases\"\u003etar's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.13\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-tar/compare/v6.1.12...v6.1.13\"\u003e6.1.13\u003c/a\u003e (2022-12-07)\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-tar/commit/cc4e0ddfe523a0bce383846a67442c637a65d486\"\u003e\u003ccode\u003ecc4e0dd\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-tar/pull/343\"\u003e#343\u003c/a\u003e bump minipass from 3.3.6 to 4.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.12\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-tar/compare/v6.1.11...v6.1.12\"\u003e6.1.12\u003c/a\u003e (2022-10-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-tar/commit/57493ee66ece50d62114e02914282fc37be3a91a\"\u003e\u003ccode\u003e57493ee\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-tar/pull/332\"\u003e#332\u003c/a\u003e ensuring close event is emited after stream has ended (\u003ca href=\"https://github.com/webark\"\u003e\u003ccode\u003e@​webark\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-tar/commit/b003c64f624332e24e19b30dc011069bb6708680\"\u003e\u003ccode\u003eb003c64\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-tar/pull/314\"\u003e#314\u003c/a\u003e replace deprecated String.prototype.substr() (\u003ca href=\"https://redirect.github.com/isaacs/node-tar/issues/314\"\u003e#314\u003c/a\u003e) (\u003ca href=\"https://github.com/CommanderRoot\"\u003e\u003ccode\u003e@​CommanderRoot\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukekarrys\"\u003e\u003ccode\u003e@​lukekarrys\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-tar/commit/f12992932f171ea248b27fad95e7d489a56d31ed\"\u003e\u003ccode\u003ef129929\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-tar/pull/313\"\u003e#313\u003c/a\u003e remove dead link to benchmarks (\u003ca href=\"https://redirect.github.com/isaacs/node-tar/issues/313\"\u003e#313\u003c/a\u003e) (\u003ca href=\"https://github.com/yetzt\"\u003e\u003ccode\u003e@​yetzt\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-tar/commit/c1faa9f44001dfb0bc7638b2850eb6058bd56a4a\"\u003e\u003ccode\u003ec1faa9f\u003c/code\u003e\u003c/a\u003e add examples/explanation of using tar.t (\u003ca href=\"https://github.com/isaacs\"\u003e\u003ccode\u003e@​isaacs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md\"\u003etar's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e7.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003ezstd\u003c/code\u003e compression support.\u003c/li\u003e\n\u003cli\u003eConsistent TOCTOU behavior in sync t.list\u003c/li\u003e\n\u003cli\u003eOnly read from ustar block if not specified in Pax\u003c/li\u003e\n\u003cli\u003eFix sync tar.list when file size reduces while reading\u003c/li\u003e\n\u003cli\u003eSanitize absolute linkpaths properly\u003c/li\u003e\n\u003cli\u003ePrevent writing hardlink entries to the archive ahead of their\nfile target\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eonentry\u003c/code\u003e in favor of \u003ccode\u003eonReadEntry\u003c/code\u003e for clarity.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eonWriteEntry\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDRY the command definitions into a single \u003ccode\u003emakeCommand\u003c/code\u003e method,\nand update the type signatures to more appropriately infer the\nreturn type from the options and arguments provided.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate minipass to v7.1.0\u003c/li\u003e\n\u003cli\u003eUpdate the type definitions of \u003ccode\u003ewrite()\u003c/code\u003e and \u003ccode\u003eend()\u003c/code\u003e methods on\n\u003ccode\u003eUnpack\u003c/code\u003e and \u003ccode\u003eParser\u003c/code\u003e classes to be compatible with the\nNodeJS.WritableStream type in the latest versions of\n\u003ccode\u003e@types/node\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node \u0026lt;18\u003c/li\u003e\n\u003cli\u003eRewrite in TypeScript, provide ESM and CommonJS hybrid\ninterface\u003c/li\u003e\n\u003cli\u003eAdd tree-shake friendly exports, like \u003ccode\u003eimport('tar/create')\u003c/code\u003e\nand \u003ccode\u003eimport('tar/read-entry')\u003c/code\u003e to get individual functions or\nclasses.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003echmod\u003c/code\u003e option that defaults to false, and deprecate\n\u003ccode\u003enoChmod\u003c/code\u003e. That is, reverse the default option regarding\nexplicitly setting file system modes to match tar entry\nsettings.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eprocessUmask\u003c/code\u003e option to avoid having to call\n\u003ccode\u003eprocess.umask()\u003c/code\u003e when \u003ccode\u003echmod: true\u003c/code\u003e (or \u003ccode\u003enoChmod: false\u003c/code\u003e) is\nset.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2b72abc1d47c3570e1ad95c9ab557fc4c2e6e4b1\"\u003e\u003ccode\u003e2b72abc\u003c/code\u003e\u003c/a\u003e 7.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f\"\u003e\u003ccode\u003e7bc755d\u003c/code\u003e\u003c/a\u003e parse root off paths before sanitizing .. parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/c8cb84629dee649feedde03f2f4ea48f2e44e778\"\u003e\u003ccode\u003ec8cb846\u003c/code\u003e\u003c/a\u003e update deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/1f0c2c9006b10199cf2686f8ef43e79a1773e1aa\"\u003e\u003ccode\u003e1f0c2c9\u003c/code\u003e\u003c/a\u003e 7.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/fbb08518bf290733b68ca4d4135f75becf73fd75\"\u003e\u003ccode\u003efbb0851\u003c/code\u003e\u003c/a\u003e build minified version as default export\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/6b8eba0ef367ac937e703238daa6df94ae6f823f\"\u003e\u003ccode\u003e6b8eba0\u003c/code\u003e\u003c/a\u003e 7.5.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2cb1120bcefe28d7ecc719b41441ade59c52e384\"\u003e\u003ccode\u003e2cb1120\u003c/code\u003e\u003c/a\u003e fix(unpack): improve UnpackSync symlink error \u0026quot;into\u0026quot; path accuracy\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v4.4.10...v7.5.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `devalue` from 2.0.1 to 5.8.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/releases\"\u003edevalue's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0f04d4d: fix: Properly handle \u003ccode\u003e__proto__\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e819f1ac: fix: better encoding for sparse arrays\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/blob/main/CHANGELOG.md\"\u003edevalue's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0f04d4d: fix: Properly handle \u003ccode\u003e__proto__\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e819f1ac: fix: better encoding for sparse arrays\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/796ea83a76eb7e0f2af376f9c2c875f1d057f50f\"\u003e\u003ccode\u003e796ea83\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/152\"\u003e#152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/206ca6712fbc380a4571c59de9ab04b91110792d\"\u003e\u003ccode\u003e206ca67\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/14933f78ff6b712829162628682b0a1993e75d19\"\u003e\u003ccode\u003e14933f7\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/151\"\u003e#151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/c5115b0074ec298fb4077f6cee5616cefbd13902\"\u003e\u003ccode\u003ec5115b0\u003c/code\u003e\u003c/a\u003e feat: \u003ccode\u003estringifyAsync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/150\"\u003e#150\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/67dad450b5db18ea9aa3059d334d8b0ee6704d9e\"\u003e\u003ccode\u003e67dad45\u003c/code\u003e\u003c/a\u003e docs: update README to reflect serialization stability non-goal (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/147\"\u003e#147\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/6eb920a7db6fe388f24f640d0e4e874a57f148fb\"\u003e\u003ccode\u003e6eb920a\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/8becc7c436f0d4f85e2e5b32cb49dcfdf4fdec42\"\u003e\u003ccode\u003e8becc7c\u003c/code\u003e\u003c/a\u003e fix: handle regexes consistently in uneval's value and reference formats (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/2eee2e435ea0ea3d495dc7a266486df95a4eb6ed\"\u003e\u003ccode\u003e2eee2e4\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/498656e75d36dfc63a386240722bdeac63337b25\"\u003e\u003ccode\u003e498656e\u003c/code\u003e\u003c/a\u003e DataView support (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/5590634db53ed555d3ce2e2024924b30352a6afc\"\u003e\u003ccode\u003e5590634\u003c/code\u003e\u003c/a\u003e Improve platform types support (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sveltejs/devalue/compare/v2.0.1...v5.8.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for devalue since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 8.3.2 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v8.3.2...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.2.3 to 8.20.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an uninitialized memory disclosure issue in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\n(c0327ec1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding a \u003ccode\u003eTypedArray\u003c/code\u003e (e.g. \u003ccode\u003eFloat32Array\u003c/code\u003e) as the \u003ccode\u003ereason\u003c/code\u003e argument for\n\u003ccode\u003ewebsocket.close()\u003c/code\u003e, rather than the supported string or \u003ccode\u003eBuffer\u003c/code\u003e types, caused\nuninitialized memory to be disclosed to the remote peer.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { deepStrictEqual } from 'node:assert';\r\nimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer(\n{ port: 0, skipUTF8Validation: true },\nfunction () {\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e, {\nskipUTF8Validation: true\n});\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ews.on('close', function (code, reason) {\r\n  deepStrictEqual(reason, Buffer.alloc(80));\r\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e}\n);\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.close(1000, new Float32Array(20));\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe issue was privately reported by \u003ca href=\"https://github.com/ChALkeR\"\u003eNikita Skovoroda\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e8.20.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded exports for the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and utilities for the\n\u003ccode\u003eSec-WebSocket-Extensions\u003c/code\u003e and \u003ccode\u003eSec-WebSocket-Protocol\u003c/code\u003e headers (d3503c1f).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.19.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecloseTimeout\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2308\"\u003e#2308\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eHandled a forthcoming breaking change in Node.js core (19984854).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/843925544e2f4cffe445e0179947f56d6c5b608f\"\u003e\u003ccode\u003e8439255\u003c/code\u003e\u003c/a\u003e [dist] 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d3503c1fd36a310985108f62b343bae18346ab67\"\u003e\u003ccode\u003ed3503c1\u003c/code\u003e\u003c/a\u003e [minor] Export the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and header utils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/3ee5349a0b1580f6e1f347b59ec3371011bd8481\"\u003e\u003ccode\u003e3ee5349\u003c/code\u003e\u003c/a\u003e [api] Convert the \u003ccode\u003eisServer\u003c/code\u003e and \u003ccode\u003emaxPayload\u003c/code\u003e parameters to options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/91707b470ebd803aaa3fd1e896217740f39267d4\"\u003e\u003ccode\u003e91707b4\u003c/code\u003e\u003c/a\u003e [doc] Add missing space\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8b553192268810a83253e2a4a39ac16768e75bb3\"\u003e\u003ccode\u003e8b55319\u003c/code\u003e\u003c/a\u003e [pkg] Update eslint to version 10.0.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.2.3...8.20.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.12.1 to 7.29.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17782\"\u003e#17782\u003c/a\u003e Improve trailing comma comment handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:memo: Documentation\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17847\"\u003e#17847\u003c/a\u003e Replace npmjs.com links with npmx.dev (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-import-to-platform-api\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-modules\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17818\"\u003e#17818\u003c/a\u003e Load async Wasm and JSON imports in parallel (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 4\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBabel Bot (\u003ca href=\"https://github.com/babel-bot\"\u003e\u003ccode\u003e@​babel-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cd24cc07ef6558b7f6510f9177f6393c91b0549f\"\u003e\u003ccode\u003ecd24cc0\u003c/code\u003e\u003c/a\u003e chore: Update TS 5.7 (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17053\"\u003e#17053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.4/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.11.9 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c4098bac2470418f8e0f6bf11fe0cb676a2b9047\"\u003e\u003ccode\u003ec4098ba\u003c/code\u003e\u003c/a\u003e 4.12.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6277fd705e51edae1c404c65f03ba2e512706945\"\u003e\u003ccode\u003e6277fd7\u003c/code\u003e\u003c/a\u003e backport(4.x): Fix imuln/muln with zero (backport of \u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ac0d4afaae91701815b9edc19789e44e7690d688\"\u003e\u003ccode\u003eac0d4af\u003c/code\u003e\u003c/a\u003e 4.12.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/a5f14b43ec61bc7cafc6de2e7444913b9f581b00\"\u003e\u003ccode\u003ea5f14b4\u003c/code\u003e\u003c/a\u003e Fix serious issue in \u003ccode\u003e.toString(16)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/309\"\u003e#309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/0cd2661b9d08512263c940662586042ef8aaccc6\"\u003e\u003ccode\u003e0cd2661\u003c/code\u003e\u003c/a\u003e Remove package-lock.json added by npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/84ae31344a557abb78ddabe3bac923b7503e4fb5\"\u003e\u003ccode\u003e84ae313\u003c/code\u003e\u003c/a\u003e 4.12.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/967ed0a50a9400bbbd83b450550cf37f7fa178b9\"\u003e\u003ccode\u003e967ed0a\u003c/code\u003e\u003c/a\u003e fix: Buffer not using global in browser (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/260\"\u003e#260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/61962320d7907a1a4d03a665782cb2733160c907\"\u003e\u003ccode\u003e6196232\u003c/code\u003e\u003c/a\u003e Fix LE constructor for HEX (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.11.9...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.1.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.1.1...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.9.0 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.9.0...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.7.6 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md\"\u003ehandlebars's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9 - March 26th, 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8 - July 27th, 2023\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n...\n\n_Description has been truncated_","html_url":"https://github.com/jcstein/next.js/pull/19","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/jcstein%2Fnext.js/issues/19","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/19/packages"},{"uuid":"4507214175","node_id":"PR_kwDOQOLFCs7eksHq","number":10,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 4 directories with 11 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T06:56:56.000Z","updated_at":"2026-05-23T07:13:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":11,"packages":[{"name":"browserify-sign","old_version":"4.2.1","new_version":"4.2.5","repository_url":"https://github.com/crypto-browserify/browserify-sign"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"glob","old_version":"10.3.10","new_version":"10.5.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"ip-address","old_version":"9.0.5","new_version":"10.2.0","repository_url":"https://github.com/beaugunderson/ip-address"},{"name":"playwright","old_version":"1.51.0","new_version":"1.60.0","repository_url":"https://github.com/microsoft/playwright"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 5 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.2.1` | `4.2.5` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [glob](https://github.com/isaacs/node-glob) | `10.3.10` | `10.5.0` |\n| [ip-address](https://github.com/beaugunderson/ip-address) | `9.0.5` | `10.2.0` |\n| [playwright](https://github.com/microsoft/playwright) | `1.51.0` | `1.60.0` |\n\nBumps the npm_and_yarn group with 1 update in the /playwright directory: [ws](https://github.com/websockets/ws).\nBumps the npm_and_yarn group with 2 updates in the /playwright/packages/playwright-core/bundles/utils directory: [ip-address](https://github.com/beaugunderson/ip-address) and [ws](https://github.com/websockets/ws).\nBumps the npm_and_yarn group with 1 update in the /playwright/utils/flakiness-dashboard directory: [uuid](https://github.com/uuidjs/uuid).\n\nUpdates `browserify-sign` from 4.2.1 to 4.2.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md\"\u003ebrowserify-sign's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.4...v4.2.5\"\u003ev4.2.5\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] clean up tests and convert console info skips to tape skips \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37b083c602fb6fcd99e0856cba8859dc6f073f3c\"\u003e\u003ccode\u003e37b083c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] restore node 0.10 support \u003ca href=\"https://github.com/browserify/browserify-sign/commit/faade86fe051fc0fb1b59e3694a566116e1e79a7\"\u003e\u003ccode\u003efaade86\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5a0f159e1d32b5c1088a75dceb301afaf40446f9\"\u003e\u003ccode\u003e5a0f159\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] drop unsupported nodes from CI \u003ca href=\"https://github.com/browserify/browserify-sign/commit/106be97da87f296f187c44b9ee857384153b5068\"\u003e\u003ccode\u003e106be97\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.3...v4.2.4\"\u003ev4.2.4\u003c/a\u003e - 2025-09-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[actions] split out node 10-20, and 20+ \u003ca href=\"https://github.com/browserify/browserify-sign/commit/17920d944f04efee7ae2212e4339485ba306b723\"\u003e\u003ccode\u003e17920d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove \u003ccode\u003efiles\u003c/code\u003e field \u003ca href=\"https://github.com/browserify/browserify-sign/commit/6d5b280e0496201ba022874c864b0046a74eb45e\"\u003e\u003ccode\u003e6d5b280\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ebn.js\u003c/code\u003e, \u003ccode\u003ebrowserify-rsa\u003c/code\u003e, \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/31be0c2459e1aad5158f72576c057603bf8527b6\"\u003e\u003ccode\u003e31be0c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003esemver\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5f6698211aa1d6dddaba8c245f40f63ae28924a3\"\u003e\u003ccode\u003e5f66982\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] replace \u003ccode\u003eaud\u003c/code\u003e with \u003ccode\u003enpm audit\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d44b24d8691d699ccc76780b106fe9c1bf0d1558\"\u003e\u003ccode\u003ed44b24d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/browserify-sign/commit/ab975f4845ea5c931df037e7f0df60f045335ae7\"\u003e\u003ccode\u003eab975f4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] revert 9e2bf12, now that v3.1.1 is out \u003ca href=\"https://github.com/browserify/browserify-sign/commit/428cf7f3f0d09f1b39312e5e51620ca684b5c1ac\"\u003e\u003ccode\u003e428cf7f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.2...v4.2.3\"\u003ev4.2.3\u003c/a\u003e - 2024-03-05\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[patch] widen support to 0.12 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9247adfd261ededfec1c036c9d8f36c4e9f87c0e\"\u003e\u003ccode\u003e9247adf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[patch] drop minimum node support to v1 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/4d0ee49ae2dc238b877dce9aed7e23fb4cb5088d\"\u003e\u003ccode\u003e4d0ee49\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eaud\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/87f3a35a587b377da2c1987af8d41c57b5afe0a5\"\u003e\u003ccode\u003e87f3a35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] remove redundant finisher \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37a475856843b7d1b2403fdafac0024ba252e579\"\u003e\u003ccode\u003e37a4758\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003ehash-base\u003c/code\u003e to ~3.0, due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9e2bf122b70970cb92f69d53e963f18299f14d66\"\u003e\u003ccode\u003e9e2bf12\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1 [\u003c/code\u003ef427270`](\u003ca href=\"https://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\"\u003ehttps://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/fb261cea57f92b3d98bc4d8bc6228c43a5de2e91\"\u003e\u003ccode\u003efb261ce\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003eelliptic\u003c/code\u003e due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/168e16fcb54886a0281b0c983e1482a097042684\"\u003e\u003ccode\u003e168e16f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.1...v4.2.2\"\u003ev4.2.2\u003c/a\u003e - 2023-10-25\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] log when openssl doesn't support cipher \u003ca href=\"https://redirect.github.com/browserify/browserify-sign/issues/37\"\u003e\u003ccode\u003e[#37](https://github.com/crypto-browserify/browserify-sign/issues/37)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/browserify-sign/commit/09a89959393b3c89fedd4f7f3bafa4fec44371d7\"\u003e\u003ccode\u003e09a8995\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] switch to eslint \u003ca href=\"https://github.com/browserify/browserify-sign/commit/83fe46374b819e959d56d2c0b931308f7451a664\"\u003e\u003ccode\u003e83fe463\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/44181838e7dcc4d5d0c568f74312ea28f0bcdfd5\"\u003e\u003ccode\u003e4418183\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9ac5a5eaaac8a11eb70ec2febd13745c8764ae02\"\u003e\u003ccode\u003e9ac5a5e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to github actions \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d845d855def38e2085d5a21e447a48300f99fa60\"\u003e\u003ccode\u003ed845d85\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003esign\u003c/code\u003e: throw on unsupported padding scheme \u003ca href=\"https://github.com/browserify/browserify-sign/commit/8767739a4516289568bcce9fed8a3b7e23478de9\"\u003e\u003ccode\u003e8767739\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] properly check the upper bound for DSA signatures \u003ca href=\"https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30\"\u003e\u003ccode\u003e85994cd\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle openSSL not supporting a scheme \u003ca href=\"https://github.com/browserify/browserify-sign/commit/f5f17c27f9824de40b5ce8ebd8502111203fd6af\"\u003e\u003ccode\u003ef5f17c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/d3a7458af692134219fce56a082068f678e12474\"\u003e\u003ccode\u003ed3a7458\u003c/code\u003e\u003c/a\u003e v4.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/37b083c602fb6fcd99e0856cba8859dc6f073f3c\"\u003e\u003ccode\u003e37b083c\u003c/code\u003e\u003c/a\u003e [Tests] clean up tests and convert console info skips to tape skips\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/faade86fe051fc0fb1b59e3694a566116e1e79a7\"\u003e\u003ccode\u003efaade86\u003c/code\u003e\u003c/a\u003e [Fix] restore node 0.10 support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/5a0f159e1d32b5c1088a75dceb301afaf40446f9\"\u003e\u003ccode\u003e5a0f159\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003eparse-asn1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/106be97da87f296f187c44b9ee857384153b5068\"\u003e\u003ccode\u003e106be97\u003c/code\u003e\u003c/a\u003e [actions] drop unsupported nodes from CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/9c371720efd60af4e08f83df4cd612a6ed135cec\"\u003e\u003ccode\u003e9c37172\u003c/code\u003e\u003c/a\u003e v4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/6d5b280e0496201ba022874c864b0046a74eb45e\"\u003e\u003ccode\u003e6d5b280\u003c/code\u003e\u003c/a\u003e [meta] remove \u003ccode\u003efiles\u003c/code\u003e field\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/17920d944f04efee7ae2212e4339485ba306b723\"\u003e\u003ccode\u003e17920d9\u003c/code\u003e\u003c/a\u003e [actions] split out node 10-20, and 20+\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/31be0c2459e1aad5158f72576c057603bf8527b6\"\u003e\u003ccode\u003e31be0c2\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003ebn.js\u003c/code\u003e, \u003ccode\u003ebrowserify-rsa\u003c/code\u003e, \u003ccode\u003eelliptic\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/ab975f4845ea5c931df037e7f0df60f045335ae7\"\u003e\u003ccode\u003eab975f4\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing peer dep\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/browserify-sign/compare/v4.2.1...v4.2.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for browserify-sign since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `elliptic` from 6.5.4 to 6.6.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/9b77436a59cc35eccf4ffb848259c8762a492ee7\"\u003e\u003ccode\u003e9b77436\u003c/code\u003e\u003c/a\u003e 6.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/04cb6f54ce552b3ebde6be06d6050419e1c7333e\"\u003e\u003ccode\u003e04cb6f5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/b8a7edd61a0d9bddd0bbf3436a4b476401edbe20\"\u003e\u003ccode\u003eb8a7edd\u003c/code\u003e\u003c/a\u003e 6.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/34c853478cec1be4e37260ed2cb12cdbdc6402cf\"\u003e\u003ccode\u003e34c8534\u003c/code\u003e\u003c/a\u003e fix: signature verification due to leading zeros\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/3e46a48fdd2ef2f89593e5e058d85530578c9761\"\u003e\u003ccode\u003e3e46a48\u003c/code\u003e\u003c/a\u003e 6.5.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/accb61e9c1a005e5c8ff96a8b33893100bb42d11\"\u003e\u003ccode\u003eaccb61e\u003c/code\u003e\u003c/a\u003e lib: DER signature decoding correction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/03e06e135c8e44a2da560fa197d0ba1e1e2759e9\"\u003e\u003ccode\u003e03e06e1\u003c/code\u003e\u003c/a\u003e 6.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/7ac5360118f74eb02da73bdf9f24fd0c72ff5281\"\u003e\u003ccode\u003e7ac5360\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/75700785ff41bb5d029d19186beff26d4883caa5\"\u003e\u003ccode\u003e7570078\u003c/code\u003e\u003c/a\u003e 6.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/206da2ee373e68466cde353f81fb59ef251b740b\"\u003e\u003ccode\u003e206da2e\u003c/code\u003e\u003c/a\u003e lib: lint\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/indutny/elliptic/compare/v6.5.4...v6.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 10.3.10 to 10.5.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/56774ef73b495eb0b17cdd0f42921f5ef62297c1\"\u003e\u003ccode\u003e56774ef\u003c/code\u003e\u003c/a\u003e 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f\"\u003e\u003ccode\u003e1e4e297\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1f0c1ca01a5f256cd17f543f83e9aaeedd133939\"\u003e\u003ccode\u003e1f0c1ca\u003c/code\u003e\u003c/a\u003e 10.4.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/eaf31dcb144750a19842a8319c330d021d4c4d5f\"\u003e\u003ccode\u003eeaf31dc\u003c/code\u003e\u003c/a\u003e whatever, just allow any engines\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/78275168e1bbc7a61e372af1ba58307c27faf0cb\"\u003e\u003ccode\u003e7827516\u003c/code\u003e\u003c/a\u003e 10.4.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d06c8f8c8288c89a4892f4ebcc23ca21840aa4a1\"\u003e\u003ccode\u003ed06c8f8\u003c/code\u003e\u003c/a\u003e restore support for node 14.latest and 16.latest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c14b787771f269651f27f6207aaf410fe171f0b6\"\u003e\u003ccode\u003ec14b787\u003c/code\u003e\u003c/a\u003e 10.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/8a69def3cad0de9ba26ca831065ffe448d153de3\"\u003e\u003ccode\u003e8a69def\u003c/code\u003e\u003c/a\u003e node 14 no longer supported\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/eef7ea35afe511079c5bf83862ed57ece2bbf7fa\"\u003e\u003ccode\u003eeef7ea3\u003c/code\u003e\u003c/a\u003e 10.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c76a7d255c74133ed33dd7aa965598316d12dd25\"\u003e\u003ccode\u003ec76a7d2\u003c/code\u003e\u003c/a\u003e use package-json-from-dist to look up package.json\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.3.10...v10.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ip-address` from 9.0.5 to 10.2.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/80fccaae984618f35dc941efab55cf2440ab37e8\"\u003e\u003ccode\u003e80fccaa\u003c/code\u003e\u003c/a\u003e 10.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/abaeb4d817cab16d3a1a78abd249d1f116bd302e\"\u003e\u003ccode\u003eabaeb4d\u003c/code\u003e\u003c/a\u003e Type Address4.addressMinusSuffix as non-nilable (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/2878c294e1216f9a0b69ad1d3c57a3790a7d5e8e\"\u003e\u003ccode\u003e2878c29\u003c/code\u003e\u003c/a\u003e Preserve subnet prefix through Address6.to4() (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/123\"\u003e#123\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/203\"\u003e#203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/586666ee9e666464071761d7a453715f98b6caee\"\u003e\u003ccode\u003e586666e\u003c/code\u003e\u003c/a\u003e Reject trailing junk in Address6.fromURL (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/158\"\u003e#158\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/202\"\u003e#202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/80bc76eddf63df38db60defd5004bea919adf7ac\"\u003e\u003ccode\u003e80bc76e\u003c/code\u003e\u003c/a\u003e Validate static factories instead of silently overflowing (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/201\"\u003e#201\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/98927be9ef0c09f8ffcaf30b297405c9eff0a520\"\u003e\u003ccode\u003e98927be\u003c/code\u003e\u003c/a\u003e Clarify isValid() accepts CIDRs with host bits set (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/81\"\u003e#81\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/a0eb0732d6ac3088daa1106f4933eade41fd364a\"\u003e\u003ccode\u003ea0eb073\u003c/code\u003e\u003c/a\u003e Fix getScope() and broaden getType() classification (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/122\"\u003e#122\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/200\"\u003e#200\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/ec52105c87179129b9f091e97581e87b007824c7\"\u003e\u003ccode\u003eec52105\u003c/code\u003e\u003c/a\u003e Add networkForm() for CIDR network-address strings (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/199\"\u003e#199\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/a9443a72215b21a1e692be75cd3e18e8aa2262cb\"\u003e\u003ccode\u003ea9443a7\u003c/code\u003e\u003c/a\u003e Add isMapped4() predicate for IPv4-mapped IPv6 addresses (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/62\"\u003e#62\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/198\"\u003e#198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/f01d74267ed39f84521157e5f199edade9809f1e\"\u003e\u003ccode\u003ef01d742\u003c/code\u003e\u003c/a\u003e Add address-property predicates (private, ULA, loopback, link-local, etc.) (#...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/beaugunderson/ip-address/compare/v9.0.5...v10.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `playwright` from 1.51.0 to 1.60.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/microsoft/playwright/releases\"\u003eplaywright's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.60.0\u003c/h2\u003e\n\u003ch2\u003e🌐 HAR recording on Tracing\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://playwright.dev/docs/api/class-tracing#tracing-start-har\"\u003etracing.startHar()\u003c/a\u003e / \u003ca href=\"https://playwright.dev/docs/api/class-tracing#tracing-stop-har\"\u003etracing.stopHar()\u003c/a\u003e expose HAR recording as a first-class tracing API, with the same \u003ccode\u003econtent\u003c/code\u003e, \u003ccode\u003emode\u003c/code\u003e and \u003ccode\u003eurlFilter\u003c/code\u003e options as \u003ccode\u003erecordHar\u003c/code\u003e. The returned \u003ca href=\"https://playwright.dev/docs/api/class-disposable\"\u003eDisposable\u003c/a\u003e makes it easy to scope a recording with \u003ccode\u003eawait using\u003c/code\u003e:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait using har = await context.tracing.startHar('trace.har');\r\nconst page = await context.newPage();\r\nawait page.goto('https://playwright.dev');\r\n// HAR is finalized when `har` goes out of scope.\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003e🪝 Drop API\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-locator#locator-drop\"\u003elocator.drop()\u003c/a\u003e simulates an external drag-and-drop of files or clipboard-like data onto an element. Playwright dispatches \u003ccode\u003edragenter\u003c/code\u003e, \u003ccode\u003edragover\u003c/code\u003e, and \u003ccode\u003edrop\u003c/code\u003e with a synthetic [DataTransfer] in the page context — works cross-browser and is great for testing upload zones:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait page.locator('#dropzone').drop({\r\n  files: { name: 'note.txt', mimeType: 'text/plain', buffer: Buffer.from('hello') },\r\n});\r\n\u003cp\u003eawait page.locator('#dropzone').drop({\ndata: {\n'text/plain': 'hello world',\n'text/uri-list': '\u003ca href=\"https://example.com\"\u003ehttps://example.com\u003c/a\u003e',\n},\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003ch2\u003e🎯 Aria snapshots\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://playwright.dev/docs/api/class-pageassertions#page-assertions-to-match-aria-snapshot\"\u003eexpect(page).toMatchAriaSnapshot()\u003c/a\u003e now works on a \u003ca href=\"https://playwright.dev/docs/api/class-page\"\u003ePage\u003c/a\u003e, in addition to a \u003ca href=\"https://playwright.dev/docs/api/class-locator\"\u003eLocator\u003c/a\u003e — equivalent to asserting against \u003ccode\u003epage.locator('body')\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eNew \u003ccode\u003eboxes\u003c/code\u003e option on \u003ca href=\"https://playwright.dev/docs/api/class-locator#locator-aria-snapshot\"\u003elocator.ariaSnapshot()\u003c/a\u003e / \u003ca href=\"https://playwright.dev/docs/api/class-page#page-aria-snapshot\"\u003epage.ariaSnapshot()\u003c/a\u003e appends each element's bounding box as \u003ccode\u003e[box=x,y,width,height]\u003c/code\u003e, useful for AI consumption.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🛑 test.abort()\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-test#test-abort\"\u003etest.abort()\u003c/a\u003e aborts the currently running test from a fixture, hook, or route handler with an optional message. Use it when you have detected an unrecoverable misuse and want to fail the test right away:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003etest('does not publish to the shared page', async ({ page }) =\u0026gt; {\r\n  await page.route('**/publish', route =\u0026gt; {\r\n    test.abort('Tests must not publish to the shared page. Use the `clone` option.');\r\n    return route.abort();\r\n  });\r\n  // ...\r\n});\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eNew APIs\u003c/h2\u003e\n\u003ch3\u003eBrowser, Context and Page\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/87bb9ddbd78f329df18c2b24847bc9409240cd07\"\u003e\u003ccode\u003e87bb9dd\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40747\"\u003e#40747\u003c/a\u003e): fix(yauzl): vendor yauzl with destroy-lifecycle fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/9a9c51cb7d1b39fab51ca288e59f8ca38fd19910\"\u003e\u003ccode\u003e9a9c51c\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40733\"\u003e#40733\u003c/a\u003e): chore(electron): revert \u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40184\"\u003e#40184\u003c/a\u003e (move Electron API to a s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/4b3b628663031bcaaeca907e337892263524634d\"\u003e\u003ccode\u003e4b3b628\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40736\"\u003e#40736\u003c/a\u003e): Revert \u0026quot;feat(electron): add timeout option to electronAp...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/f869f96bbe6607cc3b88b4ca96fd82f17b301b50\"\u003e\u003ccode\u003ef869f96\u003c/code\u003e\u003c/a\u003e chore: bump version to v1.60.0 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40714\"\u003e#40714\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/7eb6918afadfb0dd5c7e94ca9ffbddd84d8fbb39\"\u003e\u003ccode\u003e7eb6918\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40710\"\u003e#40710\u003c/a\u003e): docs: release notes v1.60\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/118d2aa6076d82840decca15d96b48611b08e392\"\u003e\u003ccode\u003e118d2aa\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40693\"\u003e#40693\u003c/a\u003e): chore(python): formdata path type\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/54012f5dcc586da2e5d6cccd75f13ca367b94579\"\u003e\u003ccode\u003e54012f5\u003c/code\u003e\u003c/a\u003e chore(deps): bump ip-address and express-rate-limit (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40680\"\u003e#40680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/9fa531da5677a3807d6e1dccd22c5137339a44f7\"\u003e\u003ccode\u003e9fa531d\u003c/code\u003e\u003c/a\u003e fix(screencast): unblock frame ack when an async client disconnects (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40674\"\u003e#40674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/3649db560ff943e724185784d34f7db131a11961\"\u003e\u003ccode\u003e3649db5\u003c/code\u003e\u003c/a\u003e chore(mcp): bump default extension protocol to v2 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40678\"\u003e#40678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/bb6c00957f47ba04caad7fca75d426309a2d32d4\"\u003e\u003ccode\u003ebb6c009\u003c/code\u003e\u003c/a\u003e chore(extension): mark 0.2.1 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40679\"\u003e#40679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/playwright/compare/v1.51.0...v1.60.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for playwright since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.5.3 to 8.5.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed declaration parsing performance (by \u003ca href=\"https://github.com/homanp\"\u003e\u003ccode\u003e@​homanp\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax regression (by \u003ca href=\"https://github.com/43081j\"\u003e\u003ccode\u003e@​43081j\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epostcss-scss\u003c/code\u003e commend regression.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed reading any file via user-generated CSS.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eopts.unsafeMap\u003c/code\u003e to disable checks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed nested brackets parsing performance (by \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed declaration parsing performance (by \u003ca href=\"https://github.com/homanp\"\u003e\u003ccode\u003e@​homanp\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax regression (by \u003ca href=\"https://github.com/43081j\"\u003e\u003ccode\u003e@​43081j\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epostcss-scss\u003c/code\u003e commend regression.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed reading any file via user-generated CSS.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eopts.unsafeMap\u003c/code\u003e to disable checks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed nested brackets parsing performance (by \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/eae46db765d752cf8f40c4fa2b0b85030079c43d\"\u003e\u003ccode\u003eeae46db\u003c/code\u003e\u003c/a\u003e Release 8.5.15 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/79508ffa59e42c02056aca61b88bc393c8b516c4\"\u003e\u003ccode\u003e79508ff\u003c/code\u003e\u003c/a\u003e Update CI actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/b128e2131288a411c6e28071d0929542c49e74eb\"\u003e\u003ccode\u003eb128e21\u003c/code\u003e\u003c/a\u003e Speed up declaration parsing by avoiding creating new array on each token\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/9825dca02c33cf610e2a842be767468b67fbecf9\"\u003e\u003ccode\u003e9825dca\u003c/code\u003e\u003c/a\u003e Fix code format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/55789c865281e2be194fa5b4e41dd046be3a2307\"\u003e\u003ccode\u003e55789c8\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/84fbbe9009cb3cc3bbb4cc3a9b65d468f4844d95\"\u003e\u003ccode\u003e84fbbe9\u003c/code\u003e\u003c/a\u003e Install older pnpm action for old Node.js\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/9f860bd78ec1dbc4f0ae72d693f03f956baa38cb\"\u003e\u003ccode\u003e9f860bd\u003c/code\u003e\u003c/a\u003e Revert pnpm action for old Node.js\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/08771986d47359545f502e009763e223b66bfcf6\"\u003e\u003ccode\u003e0877198\u003c/code\u003e\u003c/a\u003e Update CI actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/b2d1a335cea818f8b27e5cfb90147648afe3e582\"\u003e\u003ccode\u003eb2d1a33\u003c/code\u003e\u003c/a\u003e Fix linter warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/0700dac92283bc259977dff2743ca74a00f58267\"\u003e\u003ccode\u003e0700dac\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2088\"\u003e#2088\u003c/a\u003e from rootvector2/add-oss-fuzz-harness\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.5.3...8.5.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.5.3 to 8.5.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed declaration parsing performance (by \u003ca href=\"https://github.com/homanp\"\u003e\u003ccode\u003e@​homanp\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax regression (by \u003ca href=\"https://github.com/43081j\"\u003e\u003ccode\u003e@​43081j\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epostcss-scss\u003c/code\u003e commend regression.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed reading any file via user-generated CSS.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eopts.unsafeMap\u003c/code\u003e to disable checks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed nested brackets parsing performance (by \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed declaration parsing performance (by \u003ca href=\"https://github.com/homanp\"\u003e\u003ccode\u003e@​homanp\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax regression (by \u003ca href=\"https://github.com/43081j\"\u003e\u003ccode\u003e@​43081j\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epostcss-scss\u003c/code\u003e commend regression.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed reading any file via user-generated CSS.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eopts.unsafeMap\u003c/code\u003e to disable checks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed nested brackets parsing performance (by \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/eae46db765d752cf8f40c4fa2b0b85030079c43d\"\u003e\u003ccode\u003eeae46db\u003c/code\u003e\u003c/a\u003e Release 8.5.15 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/79508ffa59e42c02056aca61b88bc393c8b516c4\"\u003e\u003ccode\u003e79508ff\u003c/code\u003e\u003c/a\u003e Update CI actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/b128e2131288a411c6e28071d0929542c49e74eb\"\u003e\u003ccode\u003eb128e21\u003c/code\u003e\u003c/a\u003e Speed up declaration parsing by avoiding creating new array on each token\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/9825dca02c33cf610e2a842be767468b67fbecf9\"\u003e\u003ccode\u003e9825dca\u003c/code\u003e\u003c/a\u003e Fix code format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/55789c865281e2be194fa5b4e41dd046be3a2307\"\u003e\u003ccode\u003e55789c8\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/84fbbe9009cb3cc3bbb4cc3a9b65d468f4844d95\"\u003e\u003ccode\u003e84fbbe9\u003c/code\u003e\u003c/a\u003e Install older pnpm action for old Node.js\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/9f860bd78ec1dbc4f0ae72d693f03f956baa38cb\"\u003e\u003ccode\u003e9f860bd\u003c/code\u003e\u003c/a\u003e Revert pnpm action for old Node.js\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/08771986d47359545f502e009763e223b66bfcf6\"\u003e\u003ccode\u003e0877198\u003c/code\u003e\u003c/a\u003e Update CI actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/b2d1a335cea818f8b27e5cfb90147648afe3e582\"\u003e\u003ccode\u003eb2d1a33\u003c/code\u003e\u003c/a\u003e Fix linter warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/0700dac92283bc259977dff2743ca74a00f58267\"\u003e\u003ccode\u003e0700dac\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2088\"\u003e#2088\u003c/a\u003e from rootvector2/add-oss-fuzz-harness\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.5.3...8.5.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.18.0 to 8.20.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an uninitialized memory disclosure issue in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\n(c0327ec1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding a \u003ccode\u003eTypedArray\u003c/code\u003e (e.g. \u003ccode\u003eFloat32Array\u003c/code\u003e) as the \u003ccode\u003ereason\u003c/code\u003e argument for\n\u003ccode\u003ewebsocket.close()\u003c/code\u003e, rather than the supported string or \u003ccode\u003eBuffer\u003c/code\u003e types, caused\nuninitialized memory to be disclosed to the remote peer.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { deepStrictEqual } from 'node:assert';\r\nimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer(\n{ port: 0, skipUTF8Validation: true },\nfunction () {\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e, {\nskipUTF8Validation: true\n});\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ews.on('close', function (code, reason) {\r\n  deepStrictEqual(reason, Buffer.alloc(80));\r\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e}\n);\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.close(1000, new Float32Array(20));\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe issue was privately reported by \u003ca href=\"https://github.com/ChALkeR\"\u003eNikita Skovoroda\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e8.20.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded exports for the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and utilities for the\n\u003ccode\u003eSec-WebSocket-Extensions\u003c/code\u003e and \u003ccode\u003eSec-WebSocket-Protocol\u003c/code\u003e headers (d3503c1f).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.19.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecloseTimeout\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2308\"\u003e#2308\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eHandled a forthcoming breaking change in Node.js core (19984854).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/843925544e2f4cffe445e0179947f56d6c5b608f\"\u003e\u003ccode\u003e8439255\u003c/code\u003e\u003c/a\u003e [dist] 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d3503c1fd36a310985108f62b343bae18346ab67\"\u003e\u003ccode\u003ed3503c1\u003c/code\u003e\u003c/a\u003e [minor] Export the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and header utils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/3ee5349a0b1580f6e1f347b59ec3371011bd8481\"\u003e\u003ccode\u003e3ee5349\u003c/code\u003e\u003c/a\u003e [api] Convert the \u003ccode\u003eisServer\u003c/code\u003e and \u003ccode\u003emaxPayload\u003c/code\u003e parameters to options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/91707b470ebd803aaa3fd1e896217740f39267d4\"\u003e\u003ccode\u003e91707b4\u003c/code\u003e\u003c/a\u003e [doc] Add missing space\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8b553192268810a83253e2a4a39ac16768e75bb3\"\u003e\u003ccode\u003e8b55319\u003c/code\u003e\u003c/a\u003e [pkg] Update eslint to version 10.0.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.18.0...8.20.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `svelte` from 5.53.5 to 5.55.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/svelte/releases\"\u003esvelte's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esvelte@5.55.9\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: don't unset batch when calling \u003ccode\u003e{#await ...}\u003c/code\u003e promise (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18243\"\u003e#18243\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: promise-ify \u003ccode\u003e{#await await ...}\u003c/code\u003e expressions on the server and correctly hydrate them on the client (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18243\"\u003e#18243\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: deduplicate dependencies that are added outside the init/update cycle (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18243\"\u003e#18243\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: avoid false-positive batch invariant error (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18246\"\u003e#18246\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: inline primitive constants in attribute values during SSR (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18232\"\u003e#18232\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esvelte@5.55.8\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix(print): handle \u003ccode\u003esvelte:body\u003c/code\u003e and fix keyframe percentage double-printing (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18234\"\u003e#18234\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: execute uninitialized derived even if it's destroyed (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18228\"\u003e#18228\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: use named symbols everywhere (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18238\"\u003e#18238\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: don't run teardown effects when deriveds are unfreezed (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18227\"\u003e#18227\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: unset context synchronously in \u003ccode\u003erun\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18236\"\u003e#18236\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esvelte@5.55.7\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: prevent XSS on \u003ccode\u003ehydratable\u003c/code\u003e from user contents (\u003ca href=\"https://github.com/sveltejs/svelte/commit/a16ebc67bbcf8f708360195687e1b2719463e1a4\"\u003e\u003ccode\u003ea16ebc67bbcf8f708360195687e1b2719463e1a4\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: bump devalue (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18219\"\u003e#18219\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: disallow empty attribute names during SSR (\u003ca href=\"https://github.com/sveltejs/svelte/commit/547853e2406a2147ad7fb5ffeba95b01bd9642da\"\u003e\u003ccode\u003e547853e2406a2147ad7fb5ffeba95b01bd9642da\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: harden regex (\u003ca href=\"https://github.com/sveltejs/svelte/commit/d2375e2ebcab5c88feb5652f1a9d621b8f06b259\"\u003e\u003ccode\u003ed2375e2ebcab5c88feb5652f1a9d621b8f06b259\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: move Svelte runtime properties to symbols (\u003ca href=\"https://github.com/sveltejs/svelte/commit/e1cbbd96441e82c9eb8a23a2903c0d06d3cda991\"\u003e\u003ccode\u003ee1cbbd96441e82c9eb8a23a2903c0d06d3cda991\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esvelte@5.55.6\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: leave stale promises to wait for a later resolution, instead of rejecting (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18180\"\u003e#18180\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: keep dependencies of \u003ccode\u003e$state.eager/pending\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18218\"\u003e#18218\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: reapply context after transforming error during SSR (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18099\"\u003e#18099\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: don't rebase just-created batches (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18117\"\u003e#18117\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/svelte/blob/main/packages/svelte/CHANGELOG.md\"\u003esvelte's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.55.9\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: don't unset batch when calling \u003ccode\u003e{#await ...}\u003c/code\u003e promise (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18243\"\u003e#18243\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: promise-ify \u003ccode\u003e{#await await ...}\u003c/code\u003e expressions on the server and correctly hydrate them on the client (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18243\"\u003e#18243\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: deduplicate dependencies that are added outside the init/update cycle (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18243\"\u003e#18243\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: avoid false-positive batch invariant error (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18246\"\u003e#18246\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: inline primitive constants in attribute values during SSR (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18232\"\u003e#18232\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.55.8\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix(print): handle \u003ccode\u003esvelte:body\u003c/code\u003e and fix keyframe percentage double-printing (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18234\"\u003e#18234\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: execute uninitialized derived even if it's destroyed (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18228\"\u003e#18228\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: use named symbols everywhere (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18238\"\u003e#18238\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: don't run teardown effects when deriveds are unfreezed (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18227\"\u003e#18227\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: unset context synchronously in \u003ccode\u003erun\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18236\"\u003e#18236\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.55.7\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: prevent XSS on \u003ccode\u003ehydratable\u003c/code\u003e from user contents (\u003ca href=\"https://github.com/sveltejs/svelte/commit/a16ebc67bbcf8f708360195687e1b2719463e1a4\"\u003e\u003ccode\u003ea16ebc67bbcf8f708360195687e1b2719463e1a4\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: bump devalue (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18219\"\u003e#18219\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: disallow empty attribute names during SSR (\u003ca href=\"https://github.com/sveltejs/svelte/commit/547853e2406a2147ad7fb5ffeba95b01bd9642da\"\u003e\u003ccode\u003e547853e2406a2147ad7fb5ffeba95b01bd9642da\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: harden regex (\u003ca href=\"https://github.com/sveltejs/svelte/commit/d2375e2ebcab5c88feb5652f1a9d621b8f06b259\"\u003e\u003ccode\u003ed2375e2ebcab5c88feb5652f1a9d621b8f06b259\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: move Svelte runtime properties to symbols (\u003ca href=\"https://github.com/sveltejs/svelte/commit/e1cbbd96441e82c9eb8a23a2903c0d06d3cda991\"\u003e\u003ccode\u003ee1cbbd96441e82c9eb8a23a2903c0d06d3cda991\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.55.6\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: leave stale promises to wait for a later resolution, instead of rejecting (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18180\"\u003e#18180\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: keep dependencies of \u003ccode\u003e$state.eager/pending\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18218\"\u003e#18218\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/b65a3f3fc5e1607966e3e27f7e28fc691e622683\"\u003e\u003ccode\u003eb65a3f3\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18240\"\u003e#18240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/ef319ed492869e075bfb29685a606bce4818adb7\"\u003e\u003ccode\u003eef319ed\u003c/code\u003e\u003c/a\u003e chore: bump acorn-typescript/esrap (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18248\"\u003e#18248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/d654db83ef3c299e0b7833e6c418ce02d6127abd\"\u003e\u003ccode\u003ed654db8\u003c/code\u003e\u003c/a\u003e fix: avoid false-positive batch invariant error (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18246\"\u003e#18246\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/000c594e05d27e3e56c08cf30274689615d99092\"\u003e\u003ccode\u003e000c594\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003e{#await await ...}\u003c/code\u003e and async dependencies fixes (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18243\"\u003e#18243\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/a5df6616ea6c8ee0984ff0fc7b04e51472f1d01d\"\u003e\u003ccode\u003ea5df661\u003c/code\u003e\u003c/a\u003e fix: avoid unnecessary stringify in server attributes (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18232\"\u003e#18232\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/f9440dc3ed28a9f1f518b0216d0e10fce00f1618\"\u003e\u003ccode\u003ef9440dc\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18239\"\u003e#18239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/ca3f35bf7d3eeea6d0b5f477d208c3fd9c19988c\"\u003e\u003ccode\u003eca3f35b\u003c/code\u003e\u003c/a\u003e fix(print): handle svelte:body and fix keyframe percentage double-printing (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/2bc3592eb1ba1b37bde6c893e84b28e2f630db59\"\u003e\u003ccode\u003e2bc3592\u003c/code\u003e\u003c/a\u003e fix: use named symbols everywhere (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18238\"\u003e#18238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/dc1f037fa67bf2fbdeb1c5f18b2b1f7d023077e3\"\u003e\u003ccode\u003edc1f037\u003c/code\u003e\u003c/a\u003e fix: don't run teardown effects when deriveds are unfreezed (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18227\"\u003e#18227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/1e899cba354d2b25593afc1bbf04bf3555b5d26a\"\u003e\u003ccode\u003e1e899cb\u003c/code\u003e\u003c/a\u003e fix: execute uninitialized derived even if it's destroyed (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18228\"\u003e#18228\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sveltejs/svelte/commits/svelte@5.55.9/packages/svelte\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `devalue` from 5.7.0 to 5.8.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/releases\"\u003edevalue's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/blob/main/CHANGELOG.md\"\u003edevalue's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/796ea83a76eb7e0f2af376f9c2c875f1d057f50f\"\u003e\u003ccode\u003e796ea83\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/152\"\u003e#152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/206ca6712fbc380a4571c59de9ab04b91110792d\"\u003e\u003ccode\u003e206ca67\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/14933f78ff6b712829162628682b0a1993e75d19\"\u003e\u003ccode\u003e14933f7\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/151\"\u003e#151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/c5115b0074ec298fb4077f6cee5616cefbd13902\"\u003e\u003ccode\u003ec5115b0\u003c/code\u003e\u003c/a\u003e feat: \u003ccode\u003estringifyAsync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/150\"\u003e#150\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/67dad450b5db18ea9aa3059d334d8b0ee6704d9e\"\u003e\u003ccode\u003e67dad45\u003c/code\u003e\u003c/a\u003e docs: update README to reflect serialization stability non-goal (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/147\"\u003e#147\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/6eb920a7db6fe388f24f640d0e4e874a57f148fb\"\u003e\u003ccode\u003e6eb920a\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/8becc7c436f0d4f85e2e5b32cb49dcfdf4fdec42\"\u003e\u003ccode\u003e8becc7c\u003c/code\u003e\u003c/a\u003e fix: handle regexes consistently in uneval's value and reference formats (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/sveltejs/devalue/compare/v5.7.0...v5.8.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ip-address` from 9.0.5 to 10.2.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/80fccaae984618f35dc941efab55cf2440ab37e8\"\u003e\u003ccode\u003e80fccaa\u003c/code\u003e\u003c/a\u003e 10.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/abaeb4d817cab16d3a1a78abd249d1f116bd302e\"\u003e\u003ccode\u003eabaeb4d\u003c/code\u003e\u003c/a\u003e Type Address4.addressMinusSuffix as non-nilable (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/2878c294e1216f9a0b69ad1d3c57a3790a7d5e8e\"\u003e\u003ccode\u003e2878c29\u003c/code\u003e\u003c/a\u003e Preserve subnet prefix through Address6.to4() (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/123\"\u003e#123\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/203\"\u003e#203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/586666ee9e666464071761d7a453715f98b6caee\"\u003e\u003ccode\u003e586666e\u003c/code\u003e\u003c/a\u003e Reject trailing junk in Address6.fromURL (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/158\"\u003e#158\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/202\"\u003e#202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/80bc76eddf63df38db60defd5004bea919adf7ac\"\u003e\u003ccode\u003e80bc76e\u003c/code\u003e\u003c/a\u003e Validate static factories instead of silently overflowing (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/201\"\u003e#201\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/98927be9ef0c09f8ffcaf30b297405c9eff0a520\"\u003e\u003ccode\u003e98927be\u003c/code\u003e\u003c/a\u003e Clarify isValid() accepts CIDRs with host bits set (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/81\"\u003e#81\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/a0eb0732d6ac3088daa1106f4933eade41fd364a\"\u003e\u003ccode\u003ea0eb073\u003c/code\u003e\u003c/a\u003e Fix getScope() and broaden getType() classification (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/122\"\u003e#122\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/200\"\u003e#200\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/ec52105c87179129b9f091e97581e87b007824c7\"\u003e\u003ccode\u003eec52105\u003c/code\u003e\u003c/a\u003e Add networkForm() for CIDR network-address strings (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/199\"\u003e#199\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/a9443a72215b21a1e692be75cd3e18e8aa2262cb\"\u003e\u003ccode\u003ea9443a7\u003c/code\u003e\u003c/a\u003e Add isMapped4() predicate for IPv4-mapped IPv6 addresses (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/62\"\u003e#62\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/198\"\u003e#198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/f01d74267ed39f84521157e5f199edade9809f1e\"\u003e\u003ccode\u003ef01d742\u003c/code\u003e\u003c/a\u003e Add address-property predicates (private, ULA, loopback, link-local, etc.) (#...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/beaugunderson/ip-address/compare/v9.0.5...v10.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.17.1 to 8.20.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an uninitialized memory disclosure issue in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\n(c0327ec1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding a \u003ccode\u003eTypedArray\u003c/code\u003e (e.g. \u003ccode\u003eFloat32Array\u003c/code\u003e) as the \u003ccode\u003ereason\u003c/code\u003e argument for\n\u003ccode\u003ewebsocket.close()\u003c/code\u003e, rather than the supported string or \u003ccode\u003eBuffer\u003c/code\u003e types, caused\nuninitialized memory to be disclosed to the remote peer.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { deepStrictEqual } from 'node:assert';\r\nimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer(\n{ port: 0, skipUTF8Validation: true },\nfunction () {\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e, {\nskipUTF8Validation: true\n});\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ews.on('close', function (code, reason) {\r\n  deepStrictEqual(reason, Buffer.alloc(80));\r\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e}\n);\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.close(1000, new Float32Array(20));\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe issue was privately reported by \u003ca href=\"https://github.com/ChALkeR\"\u003eNikita Skovoroda\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e8.20.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded exports for the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and utilities for the\n\u003ccode\u003eSec-WebSocket-Extensions\u003c/code\u003e and \u003ccode\u003eSec-WebSocket-Protocol\u003c/code\u003e headers (d3503c1f).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.19.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecloseTimeout\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2308\"\u003e#2308\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eHandled a forthcoming breaking change in Node.js core (19984854).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/843925544e2f4cffe445e0179947f56d6c5b608f\"\u003e\u003ccode\u003e8439255\u003c/code\u003e\u003c/a\u003e [dist] 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d3503c1fd36a310985108f62b343bae18346ab67\"\u003e\u003ccode\u003ed3503c1\u003c/code\u003e\u003c/a\u003e [minor] Export the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and header utils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/3ee5349a0b1580f6e1f347b59ec3371011bd8481\"\u003e\u003ccode\u003e3ee5349\u003c/code\u003e\u003c/a\u003e [api] Convert the \u003ccode\u003eisServer\u003c/code\u003e and \u003ccode\u003emaxPayload\u003c/code\u003e parameters to options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/91707b470ebd803aaa3fd1e896217740f39267d4\"\u003e\u003ccode\u003e91707b4\u003c/code\u003e\u003c/a\u003e [doc] Add missing space\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8b553192268810a83253e2a4a39ac16768e75bb3\"\u003e\u003ccode\u003e8b55319\u003c/code\u003e\u003c/a\u003e [pkg] Update eslint to version 10.0.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.18.0...8.20.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `uuid`\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore thi...\n\n_Description has been truncated_\n\n---\n\n🔧 This PR updates 11 npm dependencies across 4 directories to their latest versions, including major version bumps for Vite (6.x → 8.x), esbuild (0.25 → 0.28), and Playwright (1.51 → 1.60), along with security fixes for several packages.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Build Tools**: Vite updated from 6.4.2 to 8.0.14 across multiple packages, esbuild from 0.25.0 to 0.28.0\n- **Testing Framework**: Playwright upgraded from 1.51.0 to 1.60.0 with new features like HAR recording, drop API, and aria snapshots\n- **Security Updates**: Multiple packages received security patches including browserify-sign, cipher-base, postcss, and ws\n- **Utility Libraries**: Updated minimatch (3.1.4 → 10.2.5), ip-address (9.0.5 → 10.2.0), yaml (2.8.3 → 2.9.0)\n- **Azure SDK**: Updated @azure/identity and @azure/storage-blob to latest versions\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify Vulnerable Dependencies]\n    B --\u003e C[Update Package Versions]\n    C --\u003e D[Root Directory Updates]\n    C --\u003e E[Playwright Directory Updates]\n    C --\u003e F[Examples Directory Updates]\n    C --\u003e G[Utils Directory Updates]\n    D --\u003e H[Security Patches Applied]\n    E --\u003e H\n    F --\u003e H\n    G --\u003e H\n    H --\u003e I[Automated Testing]\n    I --\u003e J[PR Creation]\n```\n\n### Impact\n- **Security Enhancement**: Addresses multiple security vulnerabilities in cryptographic libraries and web socket implementations\n- **Feature Improvements**: Playwright 1.60 introduces new testing capabilities including HAR recording on tracing and drop API for drag-and-drop testing\n- **Performance Gains**: Updated build tools and utilities provide better performance and modern JavaScript support\n- **Maintenance**: Keeps dependencies current and reduces technical debt across the project ecosystem\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/playwright-crx/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Fplaywright-crx/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"},{"uuid":"4505809996","node_id":"PR_kwDOBTb13s7egWqB","number":159,"state":"closed","title":"build(deps): bump the web-npm-security-minor-patch group across 1 directory with 23 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-22T23:56:14.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-22T21:56:29.000Z","updated_at":"2026-05-22T23:56:15.000Z","time_to_close":7185,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"web-npm-security-minor-patch","update_count":23,"packages":[{"name":"underscore","old_version":"1.12.1","new_version":"1.13.8","repository_url":"https://github.com/jashkenas/underscore"},{"name":"@babel/runtime","old_version":"7.6.0","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"@babel/traverse","old_version":"7.2.3","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"browserify-sign","old_version":"4.0.4","new_version":"4.2.5","repository_url":"https://github.com/crypto-browserify/browserify-sign"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"decode-uri-component","old_version":"0.2.0","new_version":"0.2.2","repository_url":"https://github.com/SamVerschueren/decode-uri-component"},{"name":"qs","old_version":"6.5.2","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"},{"name":"body-parser","old_version":"1.18.3","new_version":"1.20.5","repository_url":"https://github.com/expressjs/body-parser"},{"name":"handlebars","old_version":"4.5.3","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"immutable","old_version":"5.1.3","new_version":"5.1.5","repository_url":"https://github.com/immutable-js/immutable-js"},{"name":"tmp","old_version":"0.0.33","new_version":"0.2.5","repository_url":"https://github.com/raszi/node-tmp"}],"path":null,"ecosystem":"npm"},"body":"Bumps the web-npm-security-minor-patch group with 11 updates in the /web directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [underscore](https://github.com/jashkenas/underscore) | `1.12.1` | `1.13.8` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.6.0` | `7.29.2` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.2.3` | `7.29.0` |\n| [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.5` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |\n| [qs](https://github.com/ljharb/qs) | `6.5.2` | `6.15.2` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.18.3` | `1.20.5` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.5.3` | `4.7.9` |\n| [immutable](https://github.com/immutable-js/immutable-js) | `5.1.3` | `5.1.5` |\n| [tmp](https://github.com/raszi/node-tmp) | `0.0.33` | `0.2.5` |\n\n\nUpdates `underscore` from 1.12.1 to 1.13.8\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jashkenas/underscore/commit/9374840c22e348083d0d072f30dc980622523259\"\u003e\u003ccode\u003e9374840\u003c/code\u003e\u003c/a\u003e Merge branch 'release/1.13.8'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jashkenas/underscore/commit/309ad7e6658b927ca5f28ce069665d9c523c53e5\"\u003e\u003ccode\u003e309ad7e\u003c/code\u003e\u003c/a\u003e Re-generate annotated sources and minified codemaps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jashkenas/underscore/commit/a1ac1d33537662304d4985f61301112ea0f1f051\"\u003e\u003ccode\u003ea1ac1d3\u003c/code\u003e\u003c/a\u003e Add links to diff and docs in 1.13.8 change log entry\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jashkenas/underscore/commit/b579595ec9da8db15196bc1d3547833458939c44\"\u003e\u003ccode\u003eb579595\u003c/code\u003e\u003c/a\u003e Mention CVE-2026-27601 in comments and documentation (\u003ca href=\"https://redirect.github.com/jashkenas/underscore/issues/3011\"\u003e#3011\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jashkenas/underscore/commit/45ea015a99069780db492a114c1e709dd77d3b89\"\u003e\u003ccode\u003e45ea015\u003c/code\u003e\u003c/a\u003e Revert obfuscations from 42823bb.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jashkenas/underscore/commit/4a4019e00beb2c42eda20c05f375a35983b748f0\"\u003e\u003ccode\u003e4a4019e\u003c/code\u003e\u003c/a\u003e Update minified bundles\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jashkenas/underscore/commit/1ccfdd0c50470d862bb553c1e0c70567a59d4355\"\u003e\u003ccode\u003e1ccfdd0\u003c/code\u003e\u003c/a\u003e Add preliminary release notes for 1.13.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jashkenas/underscore/commit/42823bbff87e9fe82855d5adb5ba7ff839f8b446\"\u003e\u003ccode\u003e42823bb\u003c/code\u003e\u003c/a\u003e Temporarily obfuscate comments\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jashkenas/underscore/commit/a6e23ae9647461ec33ad9f92a2ecfc220eea0a84\"\u003e\u003ccode\u003ea6e23ae\u003c/code\u003e\u003c/a\u003e Make _.isEqual nonrecursive\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jashkenas/underscore/commit/f2b516441ab99b82045f2a336c348899e6527e00\"\u003e\u003ccode\u003ef2b5164\u003c/code\u003e\u003c/a\u003e Add regression test against stack overflow in _.isEqual\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jashkenas/underscore/compare/1.12.1...1.13.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/runtime` from 7.6.0 to 7.29.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/runtime's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17789\"\u003e#17789\u003c/a\u003e [7.x backport] preset-env include/exclude should accept bugfix plugins (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17813\"\u003e#17813\u003c/a\u003e chore: update eslint peer deps (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.1 (2026-02-04)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17771\"\u003e#17771\u003c/a\u003e [7.x backport] fix: ensure \u003ccode\u003etargets.esmodules\u003c/code\u003e is validated (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17776\"\u003e#17776\u003c/a\u003e [7.x backport] Fix undefined when 64 indents (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cac0ff4c3426eed30b4d27e7971b348da7c9f1e6\"\u003e\u003ccode\u003ecac0ff4\u003c/code\u003e\u003c/a\u003e v7.28.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/f68ac511f091f6d1f698e8ce59cd668d3bfc6102\"\u003e\u003ccode\u003ef68ac51\u003c/code\u003e\u003c/a\u003e chore: Avoid CITGM errors (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17382\"\u003e#17382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/baa4cb8b9f8a551d7dae9042b19ea2f74df6b110\"\u003e\u003ccode\u003ebaa4cb8\u003c/code\u003e\u003c/a\u003e v7.27.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/7d069309fdfcedda2928a043f6f7c98135c1242a\"\u003e\u003ccode\u003e7d06930\u003c/code\u003e\u003c/a\u003e v7.27.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/5b9468d9bf1ab4f427241673e9f03593da115a69\"\u003e\u003ccode\u003e5b9468d\u003c/code\u003e\u003c/a\u003e Reduce \u003ccode\u003eregenerator\u003c/code\u003e size more (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17287\"\u003e#17287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cb78b5b50e327e27467086cf8bbe196bda7cea9b\"\u003e\u003ccode\u003ecb78b5b\u003c/code\u003e\u003c/a\u003e [babel 8] Do not replace global \u003ccode\u003eregeneratorRuntime\u003c/code\u003e references in regenerato...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.2/packages/babel-runtime\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/runtime\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.2.3 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/traverse's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `browserify-sign` from 4.0.4 to 4.2.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md\"\u003ebrowserify-sign's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.4...v4.2.5\"\u003ev4.2.5\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] clean up tests and convert console info skips to tape skips \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37b083c602fb6fcd99e0856cba8859dc6f073f3c\"\u003e\u003ccode\u003e37b083c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] restore node 0.10 support \u003ca href=\"https://github.com/browserify/browserify-sign/commit/faade86fe051fc0fb1b59e3694a566116e1e79a7\"\u003e\u003ccode\u003efaade86\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5a0f159e1d32b5c1088a75dceb301afaf40446f9\"\u003e\u003ccode\u003e5a0f159\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] drop unsupported nodes from CI \u003ca href=\"https://github.com/browserify/browserify-sign/commit/106be97da87f296f187c44b9ee857384153b5068\"\u003e\u003ccode\u003e106be97\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.3...v4.2.4\"\u003ev4.2.4\u003c/a\u003e - 2025-09-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[actions] split out node 10-20, and 20+ \u003ca href=\"https://github.com/browserify/browserify-sign/commit/17920d944f04efee7ae2212e4339485ba306b723\"\u003e\u003ccode\u003e17920d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove \u003ccode\u003efiles\u003c/code\u003e field \u003ca href=\"https://github.com/browserify/browserify-sign/commit/6d5b280e0496201ba022874c864b0046a74eb45e\"\u003e\u003ccode\u003e6d5b280\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ebn.js\u003c/code\u003e, \u003ccode\u003ebrowserify-rsa\u003c/code\u003e, \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/31be0c2459e1aad5158f72576c057603bf8527b6\"\u003e\u003ccode\u003e31be0c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003esemver\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5f6698211aa1d6dddaba8c245f40f63ae28924a3\"\u003e\u003ccode\u003e5f66982\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] replace \u003ccode\u003eaud\u003c/code\u003e with \u003ccode\u003enpm audit\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d44b24d8691d699ccc76780b106fe9c1bf0d1558\"\u003e\u003ccode\u003ed44b24d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/browserify-sign/commit/ab975f4845ea5c931df037e7f0df60f045335ae7\"\u003e\u003ccode\u003eab975f4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] revert 9e2bf12, now that v3.1.1 is out \u003ca href=\"https://github.com/browserify/browserify-sign/commit/428cf7f3f0d09f1b39312e5e51620ca684b5c1ac\"\u003e\u003ccode\u003e428cf7f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.2...v4.2.3\"\u003ev4.2.3\u003c/a\u003e - 2024-03-05\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[patch] widen support to 0.12 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9247adfd261ededfec1c036c9d8f36c4e9f87c0e\"\u003e\u003ccode\u003e9247adf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[patch] drop minimum node support to v1 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/4d0ee49ae2dc238b877dce9aed7e23fb4cb5088d\"\u003e\u003ccode\u003e4d0ee49\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eaud\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/87f3a35a587b377da2c1987af8d41c57b5afe0a5\"\u003e\u003ccode\u003e87f3a35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] remove redundant finisher \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37a475856843b7d1b2403fdafac0024ba252e579\"\u003e\u003ccode\u003e37a4758\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003ehash-base\u003c/code\u003e to ~3.0, due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9e2bf122b70970cb92f69d53e963f18299f14d66\"\u003e\u003ccode\u003e9e2bf12\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1 [\u003c/code\u003ef427270`](\u003ca href=\"https://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\"\u003ehttps://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/fb261cea57f92b3d98bc4d8bc6228c43a5de2e91\"\u003e\u003ccode\u003efb261ce\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003eelliptic\u003c/code\u003e due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/168e16fcb54886a0281b0c983e1482a097042684\"\u003e\u003ccode\u003e168e16f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.1...v4.2.2\"\u003ev4.2.2\u003c/a\u003e - 2023-10-25\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] log when openssl doesn't support cipher \u003ca href=\"https://redirect.github.com/browserify/browserify-sign/issues/37\"\u003e\u003ccode\u003e[#37](https://github.com/crypto-browserify/browserify-sign/issues/37)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/browserify-sign/commit/09a89959393b3c89fedd4f7f3bafa4fec44371d7\"\u003e\u003ccode\u003e09a8995\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] switch to eslint \u003ca href=\"https://github.com/browserify/browserify-sign/commit/83fe46374b819e959d56d2c0b931308f7451a664\"\u003e\u003ccode\u003e83fe463\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/44181838e7dcc4d5d0c568f74312ea28f0bcdfd5\"\u003e\u003ccode\u003e4418183\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9ac5a5eaaac8a11eb70ec2febd13745c8764ae02\"\u003e\u003ccode\u003e9ac5a5e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to github actions \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d845d855def38e2085d5a21e447a48300f99fa60\"\u003e\u003ccode\u003ed845d85\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003esign\u003c/code\u003e: throw on unsupported padding scheme \u003ca href=\"https://github.com/browserify/browserify-sign/commit/8767739a4516289568bcce9fed8a3b7e23478de9\"\u003e\u003ccode\u003e8767739\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] properly check the upper bound for DSA signatures \u003ca href=\"https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30\"\u003e\u003ccode\u003e85994cd\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle openSSL not supporting a scheme \u003ca href=\"https://github.com/browserify/browserify-sign/commit/f5f17c27f9824de40b5ce8ebd8502111203fd6af\"\u003e\u003ccode\u003ef5f17c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/d3a7458af692134219fce56a082068f678e12474\"\u003e\u003ccode\u003ed3a7458\u003c/code\u003e\u003c/a\u003e v4.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/37b083c602fb6fcd99e0856cba8859dc6f073f3c\"\u003e\u003ccode\u003e37b083c\u003c/code\u003e\u003c/a\u003e [Tests] clean up tests and convert console info skips to tape skips\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/faade86fe051fc0fb1b59e3694a566116e1e79a7\"\u003e\u003ccode\u003efaade86\u003c/code\u003e\u003c/a\u003e [Fix] restore node 0.10 support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/5a0f159e1d32b5c1088a75dceb301afaf40446f9\"\u003e\u003ccode\u003e5a0f159\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003eparse-asn1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/106be97da87f296f187c44b9ee857384153b5068\"\u003e\u003ccode\u003e106be97\u003c/code\u003e\u003c/a\u003e [actions] drop unsupported nodes from CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/9c371720efd60af4e08f83df4cd612a6ed135cec\"\u003e\u003ccode\u003e9c37172\u003c/code\u003e\u003c/a\u003e v4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/6d5b280e0496201ba022874c864b0046a74eb45e\"\u003e\u003ccode\u003e6d5b280\u003c/code\u003e\u003c/a\u003e [meta] remove \u003ccode\u003efiles\u003c/code\u003e field\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/17920d944f04efee7ae2212e4339485ba306b723\"\u003e\u003ccode\u003e17920d9\u003c/code\u003e\u003c/a\u003e [actions] split out node 10-20, and 20+\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/31be0c2459e1aad5158f72576c057603bf8527b6\"\u003e\u003ccode\u003e31be0c2\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003ebn.js\u003c/code\u003e, \u003ccode\u003ebrowserify-rsa\u003c/code\u003e, \u003ccode\u003eelliptic\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/ab975f4845ea5c931df037e7f0df60f045335ae7\"\u003e\u003ccode\u003eab975f4\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing peer dep\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/browserify-sign/compare/v4.0.4...v4.2.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for browserify-sign since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `decode-uri-component` from 0.2.0 to 0.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/releases\"\u003edecode-uri-component's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent overwriting previously decoded tokens  980e0bf\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2\"\u003ehttps://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitch to GitHub workflows  76abc93\u003c/li\u003e\n\u003cli\u003eFix issue where decode throws - fixes \u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/6\"\u003e#6\u003c/a\u003e  746ca5d\u003c/li\u003e\n\u003cli\u003eUpdate license (\u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/1\"\u003e#1\u003c/a\u003e)  486d7e2\u003c/li\u003e\n\u003cli\u003eTidelift tasks  a650457\u003c/li\u003e\n\u003cli\u003eMeta tweaks  66e1c28\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1\"\u003ehttps://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/a0eea469d26eb0df668b081672cdb9581feb78eb\"\u003e\u003ccode\u003ea0eea46\u003c/code\u003e\u003c/a\u003e 0.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/980e0bf09b64d94f1aa79012f895816c30ffd152\"\u003e\u003ccode\u003e980e0bf\u003c/code\u003e\u003c/a\u003e Prevent overwriting previously decoded tokens\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/3c8a373dd4837e89b3f970e01295dd03e1405a33\"\u003e\u003ccode\u003e3c8a373\u003c/code\u003e\u003c/a\u003e 0.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/76abc939783fe3900fadb7d384a74d324d5557f3\"\u003e\u003ccode\u003e76abc93\u003c/code\u003e\u003c/a\u003e Switch to GitHub workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/746ca5dcb6667c5d364e782d53c542830e4c10b9\"\u003e\u003ccode\u003e746ca5d\u003c/code\u003e\u003c/a\u003e Fix issue where decode throws - fixes \u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/6\"\u003e#6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/486d7e26d3a8c0fbe860fb651fe1bc98c2f2be30\"\u003e\u003ccode\u003e486d7e2\u003c/code\u003e\u003c/a\u003e Update license (\u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/1\"\u003e#1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/a65045724e6234acef87f31da499d4807b20b134\"\u003e\u003ccode\u003ea650457\u003c/code\u003e\u003c/a\u003e Tidelift tasks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/66e1c2834c0e189201cb65196ec3101372459b02\"\u003e\u003ccode\u003e66e1c28\u003c/code\u003e\u003c/a\u003e Meta tweaks\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `elliptic` from 6.5.1 to 6.6.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/9b77436a59cc35eccf4ffb848259c8762a492ee7\"\u003e\u003ccode\u003e9b77436\u003c/code\u003e\u003c/a\u003e 6.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/04cb6f54ce552b3ebde6be06d6050419e1c7333e\"\u003e\u003ccode\u003e04cb6f5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/b8a7edd61a0d9bddd0bbf3436a4b476401edbe20\"\u003e\u003ccode\u003eb8a7edd\u003c/code\u003e\u003c/a\u003e 6.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/34c853478cec1be4e37260ed2cb12cdbdc6402cf\"\u003e\u003ccode\u003e34c8534\u003c/code\u003e\u003c/a\u003e fix: signature verification due to leading zeros\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/3e46a48fdd2ef2f89593e5e058d85530578c9761\"\u003e\u003ccode\u003e3e46a48\u003c/code\u003e\u003c/a\u003e 6.5.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/accb61e9c1a005e5c8ff96a8b33893100bb42d11\"\u003e\u003ccode\u003eaccb61e\u003c/code\u003e\u003c/a\u003e lib: DER signature decoding correction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/03e06e135c8e44a2da560fa197d0ba1e1e2759e9\"\u003e\u003ccode\u003e03e06e1\u003c/code\u003e\u003c/a\u003e 6.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/7ac5360118f74eb02da73bdf9f24fd0c72ff5281\"\u003e\u003ccode\u003e7ac5360\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/75700785ff41bb5d029d19186beff26d4883caa5\"\u003e\u003ccode\u003e7570078\u003c/code\u003e\u003c/a\u003e 6.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/206da2ee373e68466cde353f81fb59ef251b740b\"\u003e\u003ccode\u003e206da2e\u003c/code\u003e\u003c/a\u003e lib: lint\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/indutny/elliptic/compare/v6.5.1...v6.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.5.2 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] ensure \u003ccode\u003earrayLimit\u003c/code\u003e applies to \u003ccode\u003e[]\u003c/code\u003e notation as well\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: when a custom decoder returns \u003ccode\u003enull\u003c/code\u003e for a key, ignore that key\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: extract key segment splitting helper\u003c/li\u003e\n\u003cli\u003e[meta] add threat model\u003c/li\u003e\n\u003cli\u003e[actions] add workflow permissions\u003c/li\u003e\n\u003cli\u003e[Tests] \u003ccode\u003estringify\u003c/code\u003e: increase coverage\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003efor-each\u003c/code\u003e, \u003ccode\u003eobject-inspect\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003ethrowOnParameterLimitExceeded\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/517\"\u003e#517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: use \u003ccode\u003eutils.combine\u003c/code\u003e more\u003c/li\u003e\n\u003cli\u003e[patch] \u003ccode\u003eparse\u003c/code\u003e: add explicit \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e default\u003c/li\u003e\n\u003cli\u003e[actions] use shared action; re-add finishers\u003c/li\u003e\n\u003cli\u003e[meta] Fix changelog formatting bug\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eside-channel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003ehas-bigints\u003c/code\u003e, \u003ccode\u003ehas-proto\u003c/code\u003e, \u003ccode\u003ehas-symbols\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8\"\u003e\u003ccode\u003e9aca407\u003c/code\u003e\u003c/a\u003e v6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992\"\u003e\u003ccode\u003e5e33d33\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41\"\u003e\u003ccode\u003e21f80b3\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + `e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c\"\u003e\u003ccode\u003ea0a81ea\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8\"\u003e\u003ccode\u003ee3062f7\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0\"\u003e\u003ccode\u003e0c180a4\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656\"\u003e\u003ccode\u003e3a8b94a\u003c/code\u003e\u003c/a\u003e [Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d\"\u003e\u003ccode\u003e96755ab\u003c/code\u003e\u003c/a\u003e [readme] fix grammar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6\"\u003e\u003ccode\u003ea419ce5\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170\"\u003e\u003ccode\u003e3f5e1c5\u003c/code\u003e\u003c/a\u003e v6.15.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.5.2...v6.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 1.18.3 to 1.20.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.20.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThe reason for this release is a fix to the extended urlencoded parser returning objects instead of arrays for large array inputs (\u0026gt; 100) on qs@6.14.2+. (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/692\"\u003eexpressjs/body-parser#692\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: correct off-by-one error in parameterCount by \u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps(qs): bump qs to 6.15.1 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/722\"\u003eexpressjs/body-parser#722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.5 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/721\"\u003eexpressjs/body-parser#721\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSpecial thanks to triager \u003ca href=\"https://github.com/krzysdz\"\u003e\u003ccode\u003e@​krzysdz\u003c/code\u003e\u003c/a\u003e for keeping this on our radar and effectively triaging the specific issue!\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove redundant depth check by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/538\"\u003eexpressjs/body-parser#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js v23 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/553\"\u003eexpressjs/body-parser#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: restore CI for 1.x branch by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/665\"\u003eexpressjs/body-parser#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.0 by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/664\"\u003eexpressjs/body-parser#664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/668\"\u003eexpressjs/body-parser#668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove SECURITY.md by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/669\"\u003eexpressjs/body-parser#669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add CodeQL (SAST) by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/670\"\u003eexpressjs/body-parser#670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.4 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/672\"\u003eexpressjs/body-parser#672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eImportant\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eIMPORTANT:\u003c/strong\u003e The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e). \u003ca href=\"https://github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth\"\u003eDocumentation\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: add support for OSSF scorecard reporting by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/522\"\u003eexpressjs/body-parser#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: fix errors in ci github action for node 8 and 9 by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/523\"\u003eexpressjs/body-parser#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: pin to node@22.4.1 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/527\"\u003eexpressjs/body-parser#527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.12.3 by \u003ca href=\"https://github.com/melikhov-dev\"\u003e\u003ccode\u003e@​melikhov-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/521\"\u003eexpressjs/body-parser#521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd OSSF Scorecard badge by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/531\"\u003eexpressjs/body-parser#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLinter by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/534\"\u003eexpressjs/body-parser#534\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/535\"\u003eexpressjs/body-parser#535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/1.20.5/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.20.5 / 2026-04-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003cli\u003efix: extended urlencoded parsing of arrays with \u0026gt;100 elements (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.4 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@~6.14.0\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: raw-body@~2.5.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.3 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.2 / 2023-02-21\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix strict json error message on Node.js 19+\u003c/li\u003e\n\u003cli\u003edeps: content-type@~1.0.5\n\u003cul\u003e\n\u003cli\u003eperf: skip value escaping when unnecessary\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: raw-body@2.5.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.1 / 2022-10-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.11.0\u003c/li\u003e\n\u003cli\u003eperf: remove unnecessary object clone\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.0 / 2022-04-02\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix error message for json parse whitespace in \u003ccode\u003estrict\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix internal error when inflated body exceeds limit\u003c/li\u003e\n\u003cli\u003ePrevent loss of async hooks context\u003c/li\u003e\n\u003cli\u003ePrevent hanging when request already read\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\n\u003cul\u003e\n\u003cli\u003eReplace internal \u003ccode\u003eeval\u003c/code\u003e usage with \u003ccode\u003eFunction\u003c/code\u003e constructor\u003c/li\u003e\n\u003cli\u003eUse instance methods on \u003ccode\u003eprocess\u003c/code\u003e to check for listeners\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\n\u003cul\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.10.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/0defdbe7f95ad0d3bc007d3a7c59c8c0ab9e6575\"\u003e\u003ccode\u003e0defdbe\u003c/code\u003e\u003c/a\u003e release(patch): 1.20.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/cd0e7a000c53e7be7262d303e57a352b6a00db7f\"\u003e\u003ccode\u003ecd0e7a0\u003c/code\u003e\u003c/a\u003e deps(qs): bump qs to 6.15.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6f24d7e8bcd9860b136920926ce86da1a7dd1d51\"\u003e\u003ccode\u003e6f24d7e\u003c/code\u003e\u003c/a\u003e fix: correct off-by-one error in parameterCount (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b849bd533d8b4abf5576a3e301f28d9befa05ddd\"\u003e\u003ccode\u003eb849bd5\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/690\"\u003e#690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2c55e2f712f320a8e8d0f9fcb1d06526d0e401c9\"\u003e\u003ccode\u003e2c55e2f\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/7db202cac84a001e6566c2dc6516b44db98beff3\"\u003e\u003ccode\u003e7db202c\u003c/code\u003e\u003c/a\u003e 1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/672\"\u003e#672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d8f8adb898676dfdf997b4455e5f9b689b53e989\"\u003e\u003ccode\u003ed8f8adb\u003c/code\u003e\u003c/a\u003e ci: add CodeQL (SAST) (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6d133c19b3e7c0bb8301959ca1dba283d23d23c3\"\u003e\u003ccode\u003e6d133c1\u003c/code\u003e\u003c/a\u003e chore: remove SECURITY.md (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/669\"\u003e#669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/fcd15355041ada6f37288dd13858d50429016b66\"\u003e\u003ccode\u003efcd1535\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/668\"\u003e#668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ec5fa290d25d85e0049757e240249072331eaee6\"\u003e\u003ccode\u003eec5fa29\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/664\"\u003e#664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.18.3...1.20.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for body-parser since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.5.3 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md\"\u003ehandlebars's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9 - March 26th, 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8 - July 27th, 2023\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.7 - February 15th, 2021\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix weird error in integration tests - eb860c0\u003c/li\u003e\n\u003cli\u003efix: check prototype property access in strict-mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1736\"\u003e#1736\u003c/a\u003e) - b6d3de7\u003c/li\u003e\n\u003cli\u003efix: escape property names in compat mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1736\"\u003e#1736\u003c/a\u003e) - f058970\u003c/li\u003e\n\u003cli\u003erefactor: In spec tests, use expectTemplate over equals and shouldThrow (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1683\"\u003e#1683\u003c/a\u003e) - 77825f8\u003c/li\u003e\n\u003cli\u003echore: start testing on Node.js 12 and 13 - 3789a30\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e(POSSIBLY) BREAKING CHANGES:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ethe changes from version \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md#v460---january-8th-2020\"\u003e4.6.0\u003c/a\u003e now also apply\nin when using the compile-option \u0026quot;strict: true\u0026quot;. Access to prototype properties is forbidden completely by default, specific properties or methods\ncan be allowed via runtime-options. See \u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1633\"\u003e#1633\u003c/a\u003e for details. If you are using Handlebars as documented, you should not be accessing prototype properties\nfrom your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThat is why we only bump the patch version despite mentioning breaking changes.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/wycats/handlebars.js/compare/v4.7.6...v4.7.7\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.6 - April 3rd, 2020\u003c/h2\u003e\n\u003cp\u003eChore/Housekeeping:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/wycats/handlebars.js/issues/1672\"\u003e#1672\u003c/a\u003e - Switch cmd parser to latest minimist (\u003ca href=\"https://api.github.com/users/dougwilson\"\u003e\u003ccode\u003e@​dougwilson\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCompatibility notes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestored Node.js compatibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/dce542c9a660048d31f0981ac8a45c08b919bddb\"\u003e\u003ccode\u003edce542c\u003c/code\u003e\u003c/a\u003e v4.7.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8a41389ba5b2624b6f43a5463d8e2533b843a562\"\u003e\u003ccode\u003e8a41389\u003c/code\u003e\u003c/a\u003e Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2\"\u003e\u003ccode\u003e68d8df5\u003c/code\u003e\u003c/a\u003e Fix security issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/b2a083136b11e1da9f0f47a11f749a9830a49328\"\u003e\u003ccode\u003eb2a0831\u003c/code\u003e\u003c/a\u003e Fix browser tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/9f98c1629834abf8de5a127caff8a2eab03d2c12\"\u003e\u003ccode\u003e9f98c16\u003c/code\u003e\u003c/a\u003e Fix release script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/45443b4290475dfb7cec32a85d344f12ab345eb9\"\u003e\u003ccode\u003e45443b4\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Improve partial indenting performance\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8841a5f6d35096aee95d68e1e49636a4cb5c661e\"\u003e\u003ccode\u003e8841a5f\u003c/code\u003e\u003c/a\u003e Fix CI errors with linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e0137c26f2202593bca7cc25184e733e87d54709\"\u003e\u003ccode\u003ee0137c2\u003c/code\u003e\u003c/a\u003e fix: enable shell mode for spawn to resolve Windows EINVAL issue\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e914d6037ffb0dd371f7e4823cdb019732ae66d7\"\u003e\u003ccode\u003ee914d60\u003c/code\u003e\u003c/a\u003e Improve rendering performance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/7de4b41c344a5d702edca93d1841b59642fa32bd\"\u003e\u003ccode\u003e7de4b41\u003c/code\u003e\u003c/a\u003e Upgrade GitHub Actions checkout and setup-node on 4.x branch\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/...\n\n_Description has been truncated_","html_url":"https://github.com/elkozmon/zoonavigator/pull/159","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/elkozmon%2Fzoonavigator/issues/159","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/159/packages"},{"uuid":"4496917017","node_id":"PR_kwDOHHtGe87eDhI6","number":17,"state":"closed","title":"Bump the npm_and_yarn group across 3 directories with 28 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-21T23:27:19.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-21T18:14:22.000Z","updated_at":"2026-05-21T23:27:21.000Z","time_to_close":18777,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":28,"packages":[{"name":"postcss","old_version":"8.3.11","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.13.8","new_version":"7.29.4","repository_url":"https://github.com/babel/babel"},{"name":"ansi-regex","old_version":"4.1.0","new_version":"5.0.1","repository_url":"https://github.com/chalk/ansi-regex"},{"name":"async","old_version":"2.6.3","new_version":"2.6.4","repository_url":"https://github.com/caolan/async"},{"name":"json5","old_version":"1.0.1","new_version":"2.2.3","repository_url":"https://github.com/json5/json5"},{"name":"loader-utils","old_version":"2.0.0","new_version":"2.0.4","repository_url":"https://github.com/webpack/loader-utils"},{"name":"loader-utils","old_version":"1.4.0","new_version":"1.4.2","repository_url":"https://github.com/webpack/loader-utils"},{"name":"braces","old_version":"2.3.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"browserify-sign","old_version":"4.2.1","new_version":"4.2.5","repository_url":"https://github.com/crypto-browserify/browserify-sign"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"decode-uri-component","old_version":"0.2.0","new_version":"0.2.2","repository_url":"https://github.com/SamVerschueren/decode-uri-component"},{"name":"flatted","old_version":"3.1.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"2.3.3","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"js-yaml","old_version":"3.13.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"picomatch","old_version":"2.2.2","new_version":"4.0.4","repository_url":"https://github.com/micromatch/picomatch"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 2 updates in the /wp-content/themes/shapely/inc/libraries/epsilon-framework directory: [grunt](https://github.com/gruntjs/grunt) and [vue-template-compiler](https://github.com/vuejs/vue).\nBumps the npm_and_yarn group with 15 updates in the /wp-content/themes/twentytwenty directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [postcss](https://github.com/postcss/postcss) | `8.3.11` | `8.5.10` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.13.8` | `7.29.4` |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `4.1.0` | `5.0.1` |\n| [async](https://github.com/caolan/async) | `2.6.3` | `2.6.4` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `2.2.3` |\n| [loader-utils](https://github.com/webpack/loader-utils) | `2.0.0` | `2.0.4` |\n| [loader-utils](https://github.com/webpack/loader-utils) | `1.4.0` | `1.4.2` |\n| [braces](https://github.com/micromatch/braces) | `2.3.2` | `3.0.3` |\n| [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.2.1` | `4.2.5` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.1.1` | `3.4.2` |\n| [form-data](https://github.com/form-data/form-data) | `2.3.3` | `3.0.4` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.13.1` | `3.14.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.2.2` | `4.0.4` |\n\nBumps the npm_and_yarn group with 9 updates in the /wp-content/themes/twentytwentyone directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [postcss](https://github.com/postcss/postcss) | `8.3.11` | `8.5.15` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.14.2` | `7.29.0` |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `4.1.0` | `6.2.2` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [shell-quote](https://github.com/ljharb/shell-quote) | `1.7.2` | `1.8.3` |\n\n\nUpdates `grunt` from 0.4.5 to 1.6.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gruntjs/grunt/releases\"\u003egrunt's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.6.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChangelog updates  72f6f03\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1755\"\u003e#1755\u003c/a\u003e from gruntjs/rm-dep  8d4c183\u003c/li\u003e\n\u003cli\u003eAdd recursive  1c7d483\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1756\"\u003e#1756\u003c/a\u003e from gruntjs/downgrade-glob  2d4fd38\u003c/li\u003e\n\u003cli\u003eDowngrade glob  902db7c\u003c/li\u003e\n\u003cli\u003eFix syntax  494f243\u003c/li\u003e\n\u003cli\u003eremove mkdirp  b01389e\u003c/li\u003e\n\u003cli\u003eremove dep on rimraf and mkdirp  0072510\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.6.0...v1.6.1\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.6.0...v1.6.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1750\"\u003e#1750\u003c/a\u003e from gruntjs/dep-update-jan28  2805dc3\u003c/li\u003e\n\u003cli\u003eREADME updates  3f1e423\u003c/li\u003e\n\u003cli\u003eBump to 16  8fd096d\u003c/li\u003e\n\u003cli\u003eUpdate more deps  42c5f95\u003c/li\u003e\n\u003cli\u003eBump eslint and node version  1d88050\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.3...v1.6.0\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.3...v1.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1745\"\u003e#1745\u003c/a\u003e from gruntjs/fix-copy-op  572d79b\u003c/li\u003e\n\u003cli\u003ePatch up race condition in symlink copying.  58016ff\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1746\"\u003e#1746\u003c/a\u003e from JamieSlome/patch-1  0749e1d\u003c/li\u003e\n\u003cli\u003eCreate SECURITY.md  69b7c50\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.2...v1.5.3\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.2...v1.5.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Changelog  7f15fd5\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1743\"\u003e#1743\u003c/a\u003e from gruntjs/cleanup-link  b0ec6e1\u003c/li\u003e\n\u003cli\u003eClean up link handling  433f91b\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.1...v1.5.2\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.1...v1.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1742\"\u003e#1742\u003c/a\u003e from gruntjs/update-symlink-test  ad22608\u003c/li\u003e\n\u003cli\u003eFix symlink test  0652305\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.0...v1.5.1\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.0...v1.5.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated changelog  b2b2c2b\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1740\"\u003e#1740\u003c/a\u003e from gruntjs/update-deps-22-10  3eda6ae\u003c/li\u003e\n\u003cli\u003eUpdate testing matrix  47d32de\u003c/li\u003e\n\u003cli\u003eMore updates  2e9161c\u003c/li\u003e\n\u003cli\u003eRemove console log  04b960e\u003c/li\u003e\n\u003cli\u003eUpdate dependencies, tests...  aad3d45\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1736\"\u003e#1736\u003c/a\u003e from justlep/main  fdc7056\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gruntjs/grunt/blob/main/CHANGELOG\"\u003egrunt's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003ev1.6.2\ndate: 2026-04-14\nchanges:\n- Update minimatch to 3.1.5.\n(PR: \u003ca href=\"https://redirect.github.com/gruntjs/grunt/pull/1796\"\u003egruntjs/grunt#1796\u003c/a\u003e)\n- Update nopt to 5.0.0.\n(PR: \u003ca href=\"https://redirect.github.com/gruntjs/grunt/pull/1778\"\u003egruntjs/grunt#1778\u003c/a\u003e)\nv1.6.1\ndate: 2023-01-31\nchanges:\n- Downgrades to glob 7 for Windows compatability\n- Removes mkdirp and rimraf in favour of node.js APIs.\nv1.6.0\ndate: 2023-01-28\nchanges:\n- Requires node.js 16+.\n- template.date now uses dateformat ~4.6.2.\n- other dependency updates such as glob, rimraf, etc.\nv1.5.3\ndate: 2022-04-23\nchanges:\n- Patch up race condition in symlink copying.\nv1.5.2\ndate: 2022-04-12\nchanges:\n- Unlink symlinks when copy destination is a symlink.\nv1.5.1\ndate: 2022-04-11\nchanges:\n- Fixed symlink destination handling.\nv1.5.0\ndate: 2022-04-10\nchanges:\n- Updated dependencies.\n- Add symlink handling for copying files.\nv1.4.1\ndate: 2021-05-24\nchanges:\n- Fix --preload option to be a known option\n- Switch to GitHub Actions\nv1.4.0\ndate: 2021-04-21\nchanges:\n- Security fixes in production and dev dependencies\n- Liftup/Liftoff upgrade breaking change. Update your scripts to use --preload instead of --require. Ref: \u003ca href=\"https://github.com/js-cli/js-liftoff/commit/e7a969d6706e730d90abb4e24d3cb4d3bce06ddb\"\u003ehttps://github.com/js-cli/js-liftoff/commit/e7a969d6706e730d90abb4e24d3cb4d3bce06ddb\u003c/a\u003e.\nv1.3.0\ndate: 2020-08-18\nchanges:\n- Switch to use \u003ccode\u003esafeLoad\u003c/code\u003e for loading YML files via \u003ccode\u003efile.readYAML\u003c/code\u003e.\n- Upgrade legacy-log to ~3.0.0.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/f49016e3ad7b92cf73982bec8d1ad224563a475d\"\u003e\u003ccode\u003ef49016e\u003c/code\u003e\u003c/a\u003e 1.6.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/662e097e7a77717df9cdcc76597ea54c154a1e67\"\u003e\u003ccode\u003e662e097\u003c/code\u003e\u003c/a\u003e Update minimatch to 3.1.5 to fix CVEs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/a29fd1872a9028c65ce8e7eadda8a4ac0931adb5\"\u003e\u003ccode\u003ea29fd18\u003c/code\u003e\u003c/a\u003e CI: add Node.js 24 to version matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/f757c4f7dd4225aea81e23f67b7d2b15f6fd965d\"\u003e\u003ccode\u003ef757c4f\u003c/code\u003e\u003c/a\u003e Update links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/b5aa8342f393f21fecb9c983e0208d9da2340cfa\"\u003e\u003ccode\u003eb5aa834\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1792\"\u003e#1792\u003c/a\u003e from UlisesGascon/security-md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/8d2dea224e772ff3c549be25d5d09c87d90ec536\"\u003e\u003ccode\u003e8d2dea2\u003c/code\u003e\u003c/a\u003e docs: refresh security policy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/aa15bdc5b435e2938744658dec31ec29c3109afc\"\u003e\u003ccode\u003eaa15bdc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1786\"\u003e#1786\u003c/a\u003e from stscoundrel/ci-node-22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/ee5b2a3480d520b442887451b86e596d971d94e6\"\u003e\u003ccode\u003eee5b2a3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1787\"\u003e#1787\u003c/a\u003e from gruntjs/add-commercial-support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/c0e2b42efa4f590b624929d66e67a9f4e5c9ff46\"\u003e\u003ccode\u003ec0e2b42\u003c/code\u003e\u003c/a\u003e Readme updates re: support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/c4f037ddaecca57092f30018196361bb299b7bc7\"\u003e\u003ccode\u003ec4f037d\u003c/code\u003e\u003c/a\u003e CI: update GH actions V3 -\u0026gt; V4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gruntjs/grunt/compare/v0.4.5...v1.6.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~krinkle\"\u003ekrinkle\u003c/a\u003e, a new releaser for grunt since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vue-template-compiler` from 2.2.1 to 2.7.16\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vuejs/vue/releases\"\u003evue-template-compiler's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.7.16 \u0026quot;Swan Song\u0026quot;\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eThis is the final release for Vue 2.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eVue 2 will reach End of Life on December 31st, 2023. For more details, please read this \u003ca href=\"https://blog.vuejs.org/posts/vue-2-eol\"\u003eblog post\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.16-beta.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.16-beta.1\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.15\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.14\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.13\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.12\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.11\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.10\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.9\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.8\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.7\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.6\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.5\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.4\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003evue-template-compiler's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/vuejs/vue/compare/v2.7.16-beta.2...v2.7.16\"\u003e2.7.16 Swan Song\u003c/a\u003e (2023-12-24)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003elifecycle:\u003c/strong\u003e ensure component effect scopes are disconnected (\u003ca href=\"https://github.com/vuejs/vue/commit/56ce7f8c573116ed6683149206cf35c987249d42\"\u003e56ce7f8\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/13134\"\u003e#13134\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/vuejs/vue/compare/v2.7.16-beta.1...v2.7.16-beta.2\"\u003e2.7.16-beta.2\u003c/a\u003e (2023-12-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eaccount for nested render calls (\u003ca href=\"https://github.com/vuejs/vue/commit/db9c566032da0ec5cd758a3e8525e9733874c1e5\"\u003edb9c566\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/13131\"\u003e#13131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e export more types for v3 alignment (jsx / component options) (\u003ca href=\"https://github.com/vuejs/vue/commit/895669ffa01f8075a326308caa8ad6a5f69a1919\"\u003e895669f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/13078\"\u003e#13078\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/13128\"\u003e#13128\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/vuejs/vue/compare/v2.7.15...v2.7.16-beta.1\"\u003e2.7.16-beta.1\u003c/a\u003e (2023-12-08)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecompiler-sfc:\u003c/strong\u003e check template \u003ccode\u003eref\u003c/code\u003e usage,  (\u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12985\"\u003e#12985\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue/commit/83d95351a9f809311d624fc3398e7f6829b72447\"\u003e83d9535\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12984\"\u003e#12984\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecompiler-sfc:\u003c/strong\u003e fix rewriteDefault edge cases (\u003ca href=\"https://github.com/vuejs/vue/commit/25f97a5033187372e7b8c591c79336197ee5c833\"\u003e25f97a5\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/13060\"\u003e#13060\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12892\"\u003e#12892\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12906\"\u003e#12906\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ekeep-alive:\u003c/strong\u003e fix keep-alive memory leak (\u003ca href=\"https://github.com/vuejs/vue/commit/2632249925e632e56f6dfc8fdbcf682c82e4081b\"\u003e2632249\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12827\"\u003e#12827\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ekeep-alive:\u003c/strong\u003e fix memory leak without breaking transition tests (\u003ca href=\"https://github.com/vuejs/vue/commit/e0747f40a879b4000a1959d21377b51d1f1ed988\"\u003ee0747f4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eprops:\u003c/strong\u003e should not unwrap props that are raw refs (\u003ca href=\"https://github.com/vuejs/vue/commit/08382f008016c3b3b93f84594266f2e191fee91d\"\u003e08382f0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12930\"\u003e#12930\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eshallowReactive:\u003c/strong\u003e should track value if already reactive when set in shallowReactive (\u003ca href=\"https://github.com/vuejs/vue/commit/0ad8e8d94f3a3bf4429f25850c85a6bbb2b81364\"\u003e0ad8e8d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003estyle:\u003c/strong\u003e always set new styles (\u003ca href=\"https://github.com/vuejs/vue/commit/f5ef882a781b8a62c9ca00e95006d07636567c8e\"\u003ef5ef882\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12901\"\u003e#12901\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12946\"\u003e#12946\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e fix shallowRef's return type  (\u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12979\"\u003e#12979\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue/commit/a174c29dab2cf655b06f7870e0ac5a78ef35ec8a\"\u003ea174c29\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12978\"\u003e#12978\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e fix type augmentation and compiler-sfc types w/moduleResolution: bundler (\u003ca href=\"https://redirect.github.com/vuejs/vue/issues/13107\"\u003e#13107\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue/commit/de0b97b3eadae120eda505b45df2de2115dcb6f0\"\u003ede0b97b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/13106\"\u003e#13106\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e provide types for built-in components (\u003ca href=\"https://github.com/vuejs/vue/commit/3650c12f7d3a20f3155bc1fd2b068e84289e0d33\"\u003e3650c12\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/13002\"\u003e#13002\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e type VNodeChildren should allow type number  (\u003ca href=\"https://redirect.github.com/vuejs/vue/issues/13067\"\u003e#13067\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue/commit/24fcf69624a633d43dfc0aa5fa6b93d11de7fad5\"\u003e24fcf69\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12973\"\u003e#12973\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eutils:\u003c/strong\u003e unwrap refs when stringifying values in template (\u003ca href=\"https://github.com/vuejs/vue/commit/ae3e4b1c706b8d61a4a312ca5d23441df021b4b4\"\u003eae3e4b1\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12884\"\u003e#12884\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12888\"\u003e#12888\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ewatch:\u003c/strong\u003e new property addition should trigger deep watcher with getter (\u003ca href=\"https://github.com/vuejs/vue/commit/6d857f5bee275dc98106e3b2cbc7722f5ec0cfc0\"\u003e6d857f5\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12967\"\u003e#12967\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12972\"\u003e#12972\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/vuejs/vue/compare/v2.7.14...v2.7.15\"\u003e2.7.15\u003c/a\u003e (2023-10-23)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecompiler-sfc:\u003c/strong\u003e add semicolon after \u003ccode\u003edefineProps\u003c/code\u003e statement (\u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12879\"\u003e#12879\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue/commit/51fef2ca69459c1175e105991f60511f1996e0c8\"\u003e51fef2c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecompiler-sfc:\u003c/strong\u003e fix macro usage in multi-variable declaration (\u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12873\"\u003e#12873\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue/commit/d27c128b7cb1640f3aa185a5ecdea4ff35763794\"\u003ed27c128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecompiler-sfc:\u003c/strong\u003e Optimize the value of emitIdentifier (\u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12851\"\u003e#12851\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue/commit/bb59751dd4e45afcaafd607f22505a724b1ef841\"\u003ebb59751\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecompiler-sfc:\u003c/strong\u003e Resolve object expression parsing errors in \u003ccode\u003ev-on\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12862\"\u003e#12862\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue/commit/b8c8b3fc7a211744fdabd237a1a986a1f80b7c43\"\u003eb8c8b3f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elifecycle:\u003c/strong\u003e scope might changed when call hook (\u003ca href=\"https://redirect.github.com/vuejs/vue/issues/13070\"\u003e#13070\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue/commit/74ca5a13ba12a31580f1567e7c6d789e96730e46\"\u003e74ca5a1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/vue/commit/13f4e7dc03e2caed900ac70ff8b8fe58dda45663\"\u003e\u003ccode\u003e13f4e7d\u003c/code\u003e\u003c/a\u003e release: v2.7.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/vue/commit/56ce7f8c573116ed6683149206cf35c987249d42\"\u003e\u003ccode\u003e56ce7f8\u003c/code\u003e\u003c/a\u003e fix(lifecycle): esnure component effect scopes are disconnected\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/vue/commit/305e4ae9dce0a05a422b675ff555f17878e86063\"\u003e\u003ccode\u003e305e4ae\u003c/code\u003e\u003c/a\u003e release: v2.7.16-beta.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/vue/commit/3e1037e4a0317fe78ae022e789afbbc9453b15eb\"\u003e\u003ccode\u003e3e1037e\u003c/code\u003e\u003c/a\u003e chore: bump vitest to 1.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/vue/commit/db9c566032da0ec5cd758a3e8525e9733874c1e5\"\u003e\u003ccode\u003edb9c566\u003c/code\u003e\u003c/a\u003e fix: account for nested render calls\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/vue/commit/895669ffa01f8075a326308caa8ad6a5f69a1919\"\u003e\u003ccode\u003e895669f\u003c/code\u003e\u003c/a\u003e fix(types): export more types for v3 alignment (jsx / component options)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/vue/commit/73bdf14ef5c9979dcba18ede3410515cecbe2f2f\"\u003e\u003ccode\u003e73bdf14\u003c/code\u003e\u003c/a\u003e release: v2.7.16-beta.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/vue/commit/e0747f40a879b4000a1959d21377b51d1f1ed988\"\u003e\u003ccode\u003ee0747f4\u003c/code\u003e\u003c/a\u003e fix(keep-alive): fix memory leak without breaking transition tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/vue/commit/2632249925e632e56f6dfc8fdbcf682c82e4081b\"\u003e\u003ccode\u003e2632249\u003c/code\u003e\u003c/a\u003e fix(keep-alive): fix keep-alive memory leak\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/vue/commit/3650c12f7d3a20f3155bc1fd2b068e84289e0d33\"\u003e\u003ccode\u003e3650c12\u003c/code\u003e\u003c/a\u003e fix(types): provide types for built-in components\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vuejs/vue/compare/v2.2.1...v2.7.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.3.11 to 8.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003ePostCSS 8.5 brought API to work better with non-CSS sources like HTML, Vue.js/Svelte sources or CSS-in-JS.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e during \u003ca href=\"https://redirect.github.com/postcss/postcss/issues/1995\"\u003ehis work\u003c/a\u003e on \u003ca href=\"https://stylelint.io\"\u003eStylelint\u003c/a\u003e added \u003ccode\u003eInput#document\u003c/code\u003e in additional to \u003ccode\u003eInput#css\u003c/code\u003e.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eroot.source.input.document //=\u0026gt; \u0026quot;\u0026lt;p\u0026gt;Hello\u0026lt;/p\u0026gt;\r\n                           //    \u0026lt;style\u0026gt;\r\n                           //    p {\r\n                           //      color: green;\r\n                           //    }\r\n                           //    \u0026lt;/style\u0026gt;\u0026quot;\r\nroot.source.input.css      //=\u0026gt; \u0026quot;p {\r\n                           //      color: green;\r\n                           //    }\u0026quot;\r\n\u003cp\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eInput#document\u003c/code\u003e for sources like CSS-in-JS or HTML (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.4.49\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax without \u003ccode\u003esource.offset\u003c/code\u003e (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/33b9790263dc1562a46ce45d9532bd63e95b7986\"\u003e\u003ccode\u003e33b9790\u003c/code\u003e\u003c/a\u003e Release 8.5.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/536c79e4b01e58a3a56b09c3c0cf2323f4b9a28b\"\u003e\u003ccode\u003e536c79e\u003c/code\u003e\u003c/a\u003e Escape \u0026lt;/style\u0026gt; in CSS output (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2074\"\u003e#2074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/afa96b2a139ce625c4d27973313479c7c85f39d4\"\u003e\u003ccode\u003eafa96b2\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2073\"\u003e#2073\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/effe88bb87cabdc1876e02adbdd30f392f19f40d\"\u003e\u003ccode\u003eeffe88b\u003c/code\u003e\u003c/a\u003e Typo (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2072\"\u003e#2072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/3ee79a2c4a11e41d52db50b444eebe38299495ad\"\u003e\u003ccode\u003e3ee79a2\u003c/code\u003e\u003c/a\u003e Thread model (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/2e0683daca4dc2919211b03774f6b2d137136c01\"\u003e\u003ccode\u003e2e0683d\u003c/code\u003e\u003c/a\u003e Create incident response docs (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/fe88ac29c06b7b218be32994cdc6ca1525bdf2c9\"\u003e\u003ccode\u003efe88ac2\u003c/code\u003e\u003c/a\u003e Release 8.5.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/c551632496b87ab3f1965bfda5dc386b6c71963e\"\u003e\u003ccode\u003ec551632\u003c/code\u003e\u003c/a\u003e Avoid RegExp when we can use simple JS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/89a6b744060eb8dee743351c785a9fbe37d4525a\"\u003e\u003ccode\u003e89a6b74\u003c/code\u003e\u003c/a\u003e Move SECURITY.txt for docs folder to keep GitHub page cleaner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/6ceb8a46af9f9de821faee98f861bdf84617347b\"\u003e\u003ccode\u003e6ceb8a4\u003c/code\u003e\u003c/a\u003e Create SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.3.11...8.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.13.8 to 7.29.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17782\"\u003e#17782\u003c/a\u003e Improve trailing comma comment handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:memo: Documentation\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17847\"\u003e#17847\u003c/a\u003e Replace npmjs.com links with npmx.dev (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-import-to-platform-api\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-modules\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17818\"\u003e#17818\u003c/a\u003e Load async Wasm and JSON imports in parallel (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 4\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBabel Bot (\u003ca href=\"https://github.com/babel-bot\"\u003e\u003ccode\u003e@​babel-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cd24cc07ef6558b7f6510f9177f6393c91b0549f\"\u003e\u003ccode\u003ecd24cc0\u003c/code\u003e\u003c/a\u003e chore: Update TS 5.7 (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17053\"\u003e#17053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.4/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.14.2 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/traverse's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ansi-regex` from 4.1.0 to 5.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/chalk/ansi-regex/releases\"\u003eansi-regex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes (backport of \u003ccode\u003e6.0.1\u003c/code\u003e to v5)\u003c/h3\u003e\n\u003cp\u003eThis is a backport of the \u003cstrong\u003eminor\u003c/strong\u003e ReDos vulnerability in \u003ccode\u003eansi-regex@\u0026lt;6.0.1\u003c/code\u003e, as requested in \u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/38\"\u003e#38\u003c/a\u003e.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://en.wikipedia.org/wiki/ReDoS\"\u003eReDoS\u003c/a\u003e in certain cases (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/37\"\u003e#37\u003c/a\u003e)\nYou are only really affected if you run the regex on untrusted user input in a server context, which it's very unlikely anyone is doing, since this regex is mainly used in command-line tools.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3807\"\u003eCVE-2021-3807\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/compare/v5.0.0..v5.0.1\"\u003ehttps://github.com/chalk/ansi-regex/compare/v5.0.0..v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThank you \u003ca href=\"https://github.com/yetingli\"\u003e\u003ccode\u003e@​yetingli\u003c/code\u003e\u003c/a\u003e for the patch and reproduction case!\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch3\u003eBreaking\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRequire Node.js 8  166a0d5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TypeScript definition (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/32\"\u003e#32\u003c/a\u003e)  e77ea17\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/compare/v4.1.0...v5.0.0\"\u003ehttps://github.com/chalk/ansi-regex/compare/v4.1.0...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/a9babce885cf19c363cf1d1c645f834592c3f7a4\"\u003e\u003ccode\u003ea9babce\u003c/code\u003e\u003c/a\u003e 5.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/4657833b3419f381c8ef4eb5787e71c5206b1b35\"\u003e\u003ccode\u003e4657833\u003c/code\u003e\u003c/a\u003e fix incorrect format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/c3c0b3f2736b9c01feec0fef33980c43720dcde8\"\u003e\u003ccode\u003ec3c0b3f\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/37\"\u003e#37\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/178363b3a297b712a0054e702d8ddde3879913e5\"\u003e\u003ccode\u003e178363b\u003c/code\u003e\u003c/a\u003e Move to GitHub Actions (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/35\"\u003e#35\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/0755e661553387cfebcb62378181e9f55b2567ff\"\u003e\u003ccode\u003e0755e66\u003c/code\u003e\u003c/a\u003e Add \u003ca href=\"https://github.com/Qix\"\u003e\u003ccode\u003e@​Qix\u003c/code\u003e\u003c/a\u003e- to funding.yml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/2b56fb0c7a07108e5b54241e8faec160d393aedb\"\u003e\u003ccode\u003e2b56fb0\u003c/code\u003e\u003c/a\u003e 5.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/f26f7fe2287b44d3092c75a8dc3f7722282773d0\"\u003e\u003ccode\u003ef26f7fe\u003c/code\u003e\u003c/a\u003e Meta tweaks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/e77ea173f2e2b3f8bee370bf4cc4d29820783daf\"\u003e\u003ccode\u003ee77ea17\u003c/code\u003e\u003c/a\u003e Add TypeScript definition (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/32\"\u003e#32\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/166a0d5eddedacf0db7ccd7ee137b862ab1dae70\"\u003e\u003ccode\u003e166a0d5\u003c/code\u003e\u003c/a\u003e Require Node.js 8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/f115fca8a0d1bd7be0af5efa6b6ade54e7145207\"\u003e\u003ccode\u003ef115fca\u003c/code\u003e\u003c/a\u003e Tidelift tasks\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/chalk/ansi-regex/compare/v4.1.0...v5.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `async` from 2.6.3 to 2.6.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md\"\u003easync's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev2.6.4\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix potential prototype pollution exploit (\u003ca href=\"https://redirect.github.com/caolan/async/issues/1828\"\u003e#1828\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/caolan/async/commit/c6bdaca4f9175c14fc655d3783c6af6a883e6514\"\u003e\u003ccode\u003ec6bdaca\u003c/code\u003e\u003c/a\u003e Version 2.6.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/caolan/async/commit/8870da9d5022bab310413041b4079e10db3980b7\"\u003e\u003ccode\u003e8870da9\u003c/code\u003e\u003c/a\u003e Update built files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/caolan/async/commit/4df6754ef4e96a742956df8782fee27242a2ea12\"\u003e\u003ccode\u003e4df6754\u003c/code\u003e\u003c/a\u003e update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/caolan/async/commit/8f7f90342a6571ba1c197d747ebed30c368096d2\"\u003e\u003ccode\u003e8f7f903\u003c/code\u003e\u003c/a\u003e Fix prototype pollution vulnerability (\u003ca href=\"https://redirect.github.com/caolan/async/issues/1828\"\u003e#1828\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/caolan/async/compare/v2.6.3...v2.6.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~hargasinski\"\u003ehargasinski\u003c/a\u003e, a new releaser for async since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `json5` from 1.0.1 to 2.2.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/json5/json5/releases\"\u003ejson5's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/299\"\u003e#299\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Properties with the name \u003ccode\u003e__proto__\u003c/code\u003e are added to objects and arrays.\n(\u003ca href=\"https://redirect.github.com/json5/json5/issues/199\"\u003e#199\u003c/a\u003e) This also fixes a prototype pollution vulnerability reported by\nJonathan Gregson! (\u003ca href=\"https://redirect.github.com/json5/json5/issues/295\"\u003e#295\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Removed dependence on minimist to patch CVE-2021-44906. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Accurate and documented TypeScript declarations are now included. There is no need to install \u003ccode\u003e@types/json5\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/236\"\u003e#236\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/json5/json5/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.1.3 [\u003ca href=\"https://github.com/json5/json5/tree/v2.1.3\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.1.2...v2.1.3\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix: An out of memory bug when parsing numbers has been fixed. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/228\"\u003e#228\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/json5/json5/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Bump \u003ccode\u003eminimist\u003c/code\u003e to \u003ccode\u003ev1.2.5\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/222\"\u003e#222\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: \u003ccode\u003epackage.json\u003c/code\u003e and \u003ccode\u003epackage.json5\u003c/code\u003e include a \u003ccode\u003emodule\u003c/code\u003e property so\nbundlers like webpack, rollup and parcel can take advantage of the ES Module\nbuild. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/208\"\u003e#208\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003estringify\u003c/code\u003e outputs \u003ccode\u003e\\0\u003c/code\u003e as \u003ccode\u003e\\\\x00\u003c/code\u003e when followed by a digit. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Spelling mistakes have been fixed. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/196\"\u003e#196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: The \u003ccode\u003eindex.mjs\u003c/code\u003e and \u003ccode\u003eindex.min.mjs\u003c/code\u003e browser builds in the \u003ccode\u003edist\u003c/code\u003e directory support ES6 modules. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/187\"\u003e#187\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: The browser builds in the \u003ccode\u003edist\u003c/code\u003e directory support ES5. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/182\"\u003e#182\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eMajor\u003c/strong\u003e: JSON5 officially supports Node.js v6 and later. Support for Node.js\nv4 has been dropped. Since Node.js v6 supports ES5 features, the code has been\nrewritten in native ES5, and the dependence on Babel has been eliminated.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNew: Support for Unicode 10 has been added.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNew: The test framework has been migrated from Mocha to Tap.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNew: The browser build at \u003ccode\u003edist/index.js\u003c/code\u003e is no longer minified by default. A\nminified version is available at \u003ccode\u003edist/index.min.js\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/181\"\u003e#181\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: The warning has been made clearer when line and paragraph separators are\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/json5/json5/blob/main/CHANGELOG.md\"\u003ejson5's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003ev2.2.3 [\u003ca href=\"https://github.com/json5/json5/tree/v2.2.3\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.2.2...v2.2.3\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix: json5@2.2.3 is now the 'latest' release according to npm instead of\nv1.0.2. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/299\"\u003e#299\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.2.2 [\u003ca href=\"https://github.com/json5/json5/tree/v2.2.2\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.2.1...v2.2.2\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Properties with the name \u003ccode\u003e__proto__\u003c/code\u003e are added to objects and arrays.\n(\u003ca href=\"https://redirect.github.com/json5/json5/issues/199\"\u003e#199\u003c/a\u003e) This also fixes a prototype pollution vulnerability reported by\nJonathan Gregson! (\u003ca href=\"https://redirect.github.com/json5/json5/issues/295\"\u003e#295\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.2.1 [\u003ca href=\"https://github.com/json5/json5/tree/v2.2.1\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.2.0...v2.2.1\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Removed dependence on minimist to patch CVE-2021-44906. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.2.0 [\u003ca href=\"https://github.com/json5/json5/tree/v2.2.0\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.1.3...v2.2.0\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Accurate and documented TypeScript declarations are now included. There\nis no need to install \u003ccode\u003e@types/json5\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/236\"\u003e#236\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/json5/json5/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.1.3 [\u003ca href=\"https://github.com/json5/json5/tree/v2.1.3\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.1.2...v2.1.3\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix: An out of memory bug when parsing numbers has been fixed. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/228\"\u003e#228\u003c/a\u003e,\n\u003ca href=\"https://redirect.github.com/json5/json5/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.1.2 [\u003ca href=\"https://github.com/json5/json5/tree/v2.1.2\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.1.1...v2.1.2\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Bump \u003ccode\u003eminimist\u003c/code\u003e to \u003ccode\u003ev1.2.5\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/222\"\u003e#222\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.1.1 [\u003ca href=\"https://github.com/json5/json5/tree/v2.1.1\"\u003ecode\u003c/a\u003e, [diff][d2.1.1]]\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/c3a75242772a5026a49c4017a16d9b3543b62776\"\u003e\u003ccode\u003ec3a7524\u003c/code\u003e\u003c/a\u003e 2.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/94fd06d82eeed225fa172f6fb2ca27375cbd2e39\"\u003e\u003ccode\u003e94fd06d\u003c/code\u003e\u003c/a\u003e docs: update CHANGELOG for v2.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/3b8cebf0c474a8b20c78bd75c89cca0c4dce84ce\"\u003e\u003ccode\u003e3b8cebf\u003c/code\u003e\u003c/a\u003e docs(security): use GitHub security advisories\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/f0fd9e194dde282caff114a110f4fac635f3a62c\"\u003e\u003ccode\u003ef0fd9e1\u003c/code\u003e\u003c/a\u003e docs: publish a security policy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/6a91a05fffeda16ff6b3b5008b6b340d42d31ec0\"\u003e\u003ccode\u003e6a91a05\u003c/code\u003e\u003c/a\u003e docs(template): bug -\u0026gt; bug report\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/14f8cb186e8abdfaccf6527171da7b1224374650\"\u003e\u003ccode\u003e14f8cb1\u003c/code\u003e\u003c/a\u003e 2.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/10cc7ca9169b59c5e0f5afc03dbd870cd06bcc46\"\u003e\u003ccode\u003e10cc7ca\u003c/code\u003e\u003c/a\u003e docs: update CHANGELOG for v2.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/7774c1097993bc3ce9f0ac4b722a32bf7d6871c8\"\u003e\u003ccode\u003e7774c10\u003c/code\u003e\u003c/a\u003e fix: add \u003cstrong\u003eproto\u003c/strong\u003e to objects and arrays\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/edde30abd8b22facf2c06c72586b9f6edf12700d\"\u003e\u003ccode\u003eedde30a\u003c/code\u003e\u003c/a\u003e Readme: slight tweak to intro\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/97286f8bd542c89dcee096bc05dd28ed2dfc1e16\"\u003e\u003ccode\u003e97286f8\u003c/code\u003e\u003c/a\u003e Improve example in readme\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/json5/json5/compare/v1.0.1...v2.2.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `loader-utils` from 2.0.0 to 2.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/loader-utils/releases\"\u003eloader-utils's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.4\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.3...v2.0.4\"\u003e2.0.4\u003c/a\u003e (2022-11-11)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDoS problem (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/225\"\u003e#225\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/ac09944dfacd7c4497ef692894b09e63e09a5eeb\"\u003eac09944\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.0.3\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.1...v2.0.3\"\u003e2.0.3\u003c/a\u003e (2022-10-20)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esecurity:\u003c/strong\u003e prototype pollution exploit (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/217\"\u003e#217\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/a93cf6f4702012030f6b5ee8340d5c95ec1c7d4c\"\u003ea93cf6f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.0.2\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.1...v2.0.2\"\u003e2.0.2\u003c/a\u003e (2021-11-04)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebase64 generation and unicode characters (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/197\"\u003e#197\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/8c2d24ee400bc4567335e97ee6004c3baa6ef66f\"\u003e8c2d24e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.0.1\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.0...v2.0.1\"\u003e2.0.1\u003c/a\u003e (2021-10-29)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emd4 support on Node.js v17 (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/193\"\u003e#193\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/1069f61284a571614ee4acdde6e6087174be118a\"\u003e1069f61\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/loader-utils/blob/v2.0.4/CHANGELOG.md\"\u003eloader-utils's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.3...v2.0.4\"\u003e2.0.4\u003c/a\u003e (2022-11-11)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDoS problem (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/225\"\u003e#225\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/ac09944dfacd7c4497ef692894b09e63e09a5eeb\"\u003eac09944\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.1...v2.0.3\"\u003e2.0.3\u003c/a\u003e (2022-10-20)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esecurity:\u003c/strong\u003e prototype pollution exploit (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/217\"\u003e#217\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/a93cf6f4702012030f6b5ee8340d5c95ec1c7d4c\"\u003ea93cf6f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.1...v2.0.2\"\u003e2.0.2\u003c/a\u003e (2021-11-04)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebase64 generation and unicode characters (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/197\"\u003e#197\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/8c2d24ee400bc4567335e97ee6004c3baa6ef66f\"\u003e8c2d24e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.0...v2.0.1\"\u003e2.0.1\u003c/a\u003e (2021-10-29)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emd4 support on Node.js v17 (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/193\"\u003e#193\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/1069f61284a571614ee4acdde6e6087174be118a\"\u003e1069f61\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/loader-utils/commit/6688b5028106f144ee9f543bebc8e6a87b57829f\"\u003e\u003ccode\u003e6688b50\u003c/code\u003e\u003c/a\u003e chore(release): 2.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/loader-utils/commit/ac09944dfacd7c4497ef692894b09e63e09a5eeb\"\u003e\u003ccode\u003eac09944\u003c/code\u003e\u003c/a\u003e fix: ReDoS problem (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/225\"\u003e#225\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/loader-utils/commit/7162619fb982c394ed75098a0a0ed7e7f3177c70\"\u003e\u003ccode\u003e7162619\u003c/code\u003e\u003c/a\u003e chore(release): 2.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/loader-utils/commit/a93cf6f4702012030f6b5ee8340d5c95ec1c7d4c\"\u003e\u003ccode\u003ea93cf6f\u003c/code\u003e\u003c/a\u003e fix(security): prototype polution exploit (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/217\"\u003e#217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/loader-utils/commit/90c7c4be17e3e0b2f6091a69c67db7a6df9fd044\"\u003e\u003ccode\u003e90c7c4b\u003c/code\u003e\u003c/a\u003e chore(release): 2.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/loader-utils/commit/8c2d24ee400bc4567335e97ee6004c3baa6ef66f\"\u003e\u003ccode\u003e8c2d24e\u003c/code\u003e\u003c/a\u003e fix: base64 generation and unicode characters (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/197\"\u003e#197\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/loader-utils/commit/5fb556208426d281a18dfbf6f45dca24bfb24e96\"\u003e\u003ccode\u003e5fb5562\u003c/code\u003e\u003c/a\u003e chore(release): 2.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/loader-utils/commit/1069f61284a571614ee4acdde6e6087174be118a\"\u003e\u003ccode\u003e1069f61\u003c/code\u003e\u003c/a\u003e fix: md4 support on Node.js v17 (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/193\"\u003e#193\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.0...v2.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `loader-utils` from 1.4.0 to 1.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/loader-utils/releases\"\u003eloader-utils's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.4\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.3...v2.0.4\"\u003e2.0.4\u003c/a\u003e (2022-11-11)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDoS problem (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/225\"\u003e#225\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/ac09944dfacd7c4497ef692894b09e63e09a5eeb\"\u003eac09944\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.0.3\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.1...v2.0.3\"\u003e2.0.3\u003c/a\u003e (2022-10-20)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esecurity:\u003c/strong\u003e prototype pollution exploit (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/217\"\u003e#217\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/a93cf6f4702012030f6b5ee8340d5c95ec1c7d4c\"\u003ea93cf6f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.0.2\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.1...v2.0.2\"\u003e2.0.2\u003c/a\u003e (2021-11-04)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebase64 generation and unicode characters (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/197\"\u003e#197\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/8c2d24ee400bc4567335e97ee6004c3baa6ef66f\"\u003e8c2d24e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.0.1\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.0...v2.0.1\"\u003e2.0.1\u003c/a\u003e (2021-10-29)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emd4 support on Node.js v17 (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/193\"\u003e#193\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/1069f61284a571614ee4acdde6e6087174be118a\"\u003e1069f61\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/loa...\n\n_Description has been truncated_","html_url":"https://github.com/mohammadnajjar/firstwp/pull/17","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mohammadnajjar%2Ffirstwp/issues/17","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/17/packages"},{"uuid":"4459153677","node_id":"PR_kwDOPthl1s7cLPqW","number":21,"state":"closed","title":"Bump the npm_and_yarn group across 2 directories with 22 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-17T05:59:11.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-16T07:44:53.000Z","updated_at":"2026-05-17T05:59:13.000Z","time_to_close":80058,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":22,"packages":[{"name":"bootstrap","old_version":"3.4.1","new_version":"5.0.0","repository_url":"https://github.com/twbs/bootstrap"},{"name":"datatables.net","old_version":"1.10.19","new_version":"1.13.11","repository_url":"https://github.com/DataTables/Dist-DataTables"},{"name":"jquery","old_version":"3.3.1","new_version":"3.7.1","repository_url":"https://github.com/jquery/jquery"},{"name":"jquery-ui","old_version":"1.12.1","new_version":"1.13.2","repository_url":"https://github.com/jquery/jquery-ui"},{"name":"moment","old_version":"2.24.0","new_version":"2.30.1","repository_url":"https://github.com/moment/moment"},{"name":"select2","old_version":"4.0.5","new_version":"4.0.6","repository_url":"https://github.com/select2/select2"},{"name":"grunt","old_version":"0.4.5","new_version":"1.6.2","repository_url":"https://github.com/gruntjs/grunt"},{"name":"ajv","old_version":"4.11.8","new_version":"removed","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"bn.js","old_version":"4.11.8","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"brace-expansion","old_version":"1.1.8","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"browserify-sign","old_version":"4.0.4","new_version":"4.2.5","repository_url":"https://github.com/crypto-browserify/browserify-sign"},{"name":"cached-path-relative","old_version":"1.0.1","new_version":"1.1.0","repository_url":"https://github.com/ashaffer/cached-path-relative"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"i","old_version":"0.3.6","new_version":"0.3.7","repository_url":"https://github.com/pksunkara/inflect"},{"name":"minimist","old_version":"1.2.0","new_version":"1.2.8","repository_url":"https://github.com/minimistjs/minimist"},{"name":"shelljs","old_version":"0.3.0","new_version":"removed","repository_url":"https://github.com/shelljs/shelljs"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 16 updates in the /back directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [bootstrap](https://github.com/twbs/bootstrap) | `3.4.1` | `5.0.0` |\n| [datatables.net](https://github.com/DataTables/Dist-DataTables) | `1.10.19` | `1.13.11` |\n| [jquery](https://github.com/jquery/jquery) | `3.3.1` | `3.7.1` |\n| [jquery-ui](https://github.com/jquery/jquery-ui) | `1.12.1` | `1.13.2` |\n| [moment](https://github.com/moment/moment) | `2.24.0` | `2.30.1` |\n| [select2](https://github.com/select2/select2) | `4.0.5` | `4.0.6` |\n| [grunt](https://github.com/gruntjs/grunt) | `0.4.5` | `1.6.2` |\n| [ajv](https://github.com/ajv-validator/ajv) | `4.11.8` | `removed` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.11.8` | `4.12.3` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.8` | `1.1.14` |\n| [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.5` |\n| [cached-path-relative](https://github.com/ashaffer/cached-path-relative) | `1.0.1` | `1.1.0` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [i](https://github.com/pksunkara/inflect) | `0.3.6` | `0.3.7` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.0` | `1.2.8` |\n| [shelljs](https://github.com/shelljs/shelljs) | `0.3.0` | `removed` |\n\nBumps the npm_and_yarn group with 1 update in the /casino directory: [axios](https://github.com/axios/axios).\n\nUpdates `bootstrap` from 3.4.1 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/twbs/bootstrap/releases\"\u003ebootstrap's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eHighlights\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32155\"\u003e#32155\u003c/a\u003e: Updated \u003ccode\u003emake-col()\u003c/code\u003e mixin to generate equal columns when no size is specified\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32763\"\u003e#32763\u003c/a\u003e: Added new \u003ccode\u003ecolor-scheme()\u003c/code\u003e mixin\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33389\"\u003e#33389\u003c/a\u003e: Dropdown menus now have option become clickable\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33453\"\u003e#33453\u003c/a\u003e: Added new docs footer\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33548\"\u003e#33548\u003c/a\u003e: Offcanvas header components are now vertically aligned\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33549\"\u003e#33549\u003c/a\u003e: Added offcanvas-top modifier\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33634\"\u003e#33634\u003c/a\u003e: Added support for \u003ccode\u003e.dropdown-item\u003c/code\u003es wrapped in \u003ccode\u003e\u0026lt;li\u0026gt;\u003c/code\u003es\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33626\"\u003e#33626\u003c/a\u003e: Fix v5 regressions in tab dropdown functionality\u003c/p\u003e\n\u003ch2\u003e🚀 Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32763\"\u003e#32763\u003c/a\u003e: Add \u003ccode\u003ecolor-scheme\u003c/code\u003e mixin\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33389\"\u003e#33389\u003c/a\u003e: Dropdown — Add option to make the dropdown menu clickable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33549\"\u003e#33549\u003c/a\u003e: Add offcanvas-top modifier\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🎨 CSS\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32155\"\u003e#32155\u003c/a\u003e: Add equal column mixin\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32763\"\u003e#32763\u003c/a\u003e: Add \u003ccode\u003ecolor-scheme\u003c/code\u003e mixin\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33292\"\u003e#33292\u003c/a\u003e: Make accordion icon rotation more natural\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33411\"\u003e#33411\u003c/a\u003e: Fix validation feedback icon in select multiple\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33478\"\u003e#33478\u003c/a\u003e: Make \u003ccode\u003e.nav-link\u003c/code\u003e color consistent when using buttons\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33482\"\u003e#33482\u003c/a\u003e: Dropdown — Apply positioning only when Popper is not used\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33548\"\u003e#33548\u003c/a\u003e: Vertically align offcanvas header components\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33549\"\u003e#33549\u003c/a\u003e: Add offcanvas-top modifier\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33550\"\u003e#33550\u003c/a\u003e: Spinner alignment changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33598\"\u003e#33598\u003c/a\u003e: Hide validation icons from multiple selects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33600\"\u003e#33600\u003c/a\u003e: Have $form-check-input-border's default derive from $black\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33607\"\u003e#33607\u003c/a\u003e: Reduce color-scheme complexity\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33642\"\u003e#33642\u003c/a\u003e: use \u003ccode\u003e:read-only\u003c/code\u003e css selector instead \u003ccode\u003e[readonly]\u003c/code\u003e for consistency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33658\"\u003e#33658\u003c/a\u003e: fix: use list-group variable instead of alert\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33736\"\u003e#33736\u003c/a\u003e: accordion: fix \u003ccode\u003eborder-top\u003c/code\u003e on Firefox\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e☕️ JavaScript\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32439\"\u003e#32439\u003c/a\u003e: Decouple BackDrop from modal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33245\"\u003e#33245\u003c/a\u003e: Decouple Modal's scrollbar functionality\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33249\"\u003e#33249\u003c/a\u003e: Simplify Modal Config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33250\"\u003e#33250\u003c/a\u003e: Simplify ScrollSpy config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33310\"\u003e#33310\u003c/a\u003e: fix: make EventHandler better handle mouseenter/mouseleave events\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33389\"\u003e#33389\u003c/a\u003e: Dropdown — Add option to make the dropdown menu clickable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33429\"\u003e#33429\u003c/a\u003e: Remove element event listeners through base component\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33451\"\u003e#33451\u003c/a\u003e: Add missing things in \u003ccode\u003ehide\u003c/code\u003e method of dropdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33456\"\u003e#33456\u003c/a\u003e: Use our \u003ccode\u003eisDisabled\u003c/code\u003e util on dropdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33466\"\u003e#33466\u003c/a\u003e: Refactor dropdown's hide functionality\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33479\"\u003e#33479\u003c/a\u003e: Fix dropdown escape propagation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33496\"\u003e#33496\u003c/a\u003e:  Use cached \u003ccode\u003enoop\u003c/code\u003e function\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/bf0936748602c8109fd916c64b4560799fa1c3f8\"\u003e\u003ccode\u003ebf09367\u003c/code\u003e\u003c/a\u003e Release v5.0.0 (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33647\"\u003e#33647\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/48ae5a7149d30d7d80cecbaaabaa88f7679c9172\"\u003e\u003ccode\u003e48ae5a7\u003c/code\u003e\u003c/a\u003e Rewrite migration guide (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33834\"\u003e#33834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/f0865727b7d5f274a818510219e024d227affe11\"\u003e\u003ccode\u003ef086572\u003c/code\u003e\u003c/a\u003e refactor(docs): Added form file input variables (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33833\"\u003e#33833\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/1a54286befabfb8c18de420df4d7074ab7eb77b3\"\u003e\u003ccode\u003e1a54286\u003c/code\u003e\u003c/a\u003e Fix doc typo and Bootstrap Icons link (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33832\"\u003e#33832\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/e2df73fa9a2062ed5489a1bd80b9d0ddbf211a53\"\u003e\u003ccode\u003ee2df73f\u003c/code\u003e\u003c/a\u003e Update migration guide for some v5 changes (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33829\"\u003e#33829\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/1e6356ab43df6ca3e0c05499a4d690235fbd6fc7\"\u003e\u003ccode\u003e1e6356a\u003c/code\u003e\u003c/a\u003e Neutralise more words from placeholder text (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33731\"\u003e#33731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/6633845901672cb642c0975e6fea3d1a1fa20058\"\u003e\u003ccode\u003e6633845\u003c/code\u003e\u003c/a\u003e Bump eslint-config-xo from 0.35.0 to 0.36.0 (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33646\"\u003e#33646\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/cb38744cf79b347ec2a32e0dcfe5c42402dc15ea\"\u003e\u003ccode\u003ecb38744\u003c/code\u003e\u003c/a\u003e Tweak toast docs (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33810\"\u003e#33810\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/c2ff22532e9f05d98b8db7c0b179d252387e77a3\"\u003e\u003ccode\u003ec2ff225\u003c/code\u003e\u003c/a\u003e Bump rollup from 2.46.0 to 2.47.0 (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33818\"\u003e#33818\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/c090ea2f4fbdc12e37def7c3bf9eb4c96c804d34\"\u003e\u003ccode\u003ec090ea2\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​babel/preset-env\u003c/code\u003e from 7.14.0 to 7.14.1 (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33819\"\u003e#33819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/twbs/bootstrap/compare/v3.4.1...v5.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~mdo\"\u003emdo\u003c/a\u003e, a new releaser for bootstrap since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `datatables.net` from 1.10.19 to 1.13.11\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/DataTables/Dist-DataTables/releases\"\u003edatatables.net's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.13.11\u003c/h2\u003e\n\u003cp\u003eDataTables 1.13.11\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataTables/Dist-DataTables/commit/020e067bbb70a82b03b61fdd3a3a6568bf47e15f\"\u003e\u003ccode\u003e020e067\u003c/code\u003e\u003c/a\u003e Release 1.13.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataTables/Dist-DataTables/commit/92d424dce447f22d39c0c901da2ff9f98d626bbb\"\u003e\u003ccode\u003e92d424d\u003c/code\u003e\u003c/a\u003e Release 1.13.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataTables/Dist-DataTables/commit/b2e9e8916b256f6b9f63f3babe5fd396c3ebd0c5\"\u003e\u003ccode\u003eb2e9e89\u003c/code\u003e\u003c/a\u003e 1.13.9 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataTables/Dist-DataTables/commit/b0cabc22f532c444b3ae18af10d90253a3c24a4b\"\u003e\u003ccode\u003eb0cabc2\u003c/code\u003e\u003c/a\u003e Release 1.13.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataTables/Dist-DataTables/commit/08c656b6a1f773fba9c0df444f967c3ad7bf0d8c\"\u003e\u003ccode\u003e08c656b\u003c/code\u003e\u003c/a\u003e Sync tag release - 1.13.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataTables/Dist-DataTables/commit/8535cbabb9d8aaf66972cb9cf0a199b8a2899979\"\u003e\u003ccode\u003e8535cba\u003c/code\u003e\u003c/a\u003e d465757b36e0237b93a1fce05d553a3bb9ecd946 Dev: A little code golf to reduce size\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataTables/Dist-DataTables/commit/09717cbadab354e0828d2d27bfe5c9c7e6dcea98\"\u003e\u003ccode\u003e09717cb\u003c/code\u003e\u003c/a\u003e 7521d6f2bd98de2cde2e82dff82230c180eee722 Fix: Don't check colspan of child ro...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataTables/Dist-DataTables/commit/16f4ccdf59604a3af0317f6430fd7167668acb9d\"\u003e\u003ccode\u003e16f4ccd\u003c/code\u003e\u003c/a\u003e 65c066c0f88839109f60aceb2de8482a48bd80d4 Fix: CommonJS loader, when there is ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataTables/Dist-DataTables/commit/7f15d78192f19e523103eba5ece12a4aee9d8368\"\u003e\u003ccode\u003e7f15d78\u003c/code\u003e\u003c/a\u003e Sync tag release - 1.13.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataTables/Dist-DataTables/commit/5c93272b1b08fa63a613ca8be7684bfcfd7b7653\"\u003e\u003ccode\u003e5c93272\u003c/code\u003e\u003c/a\u003e 4b83774b58ed7c423c18356e1df0963513df6f2f Release 1.13.7\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/DataTables/Dist-DataTables/compare/1.10.19...1.13.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jquery` from 3.3.1 to 3.7.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jquery/jquery/releases\"\u003ejquery's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ejQuery 3.7.1 Released: Reliable Table Row Dimensions\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://blog.jquery.com/2023/08/28/jquery-3-7-1-released-reliable-table-row-dimensions/\"\u003ehttps://blog.jquery.com/2023/08/28/jquery-3-7-1-released-reliable-table-row-dimensions/\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ejQuery 3.7.0: Staying in Order\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://blog.jquery.com/2023/05/11/jquery-3-7-0-released-staying-in-order/\"\u003ehttps://blog.jquery.com/2023/05/11/jquery-3-7-0-released-staying-in-order/\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ejQuery 3.6.4 Released: Selector Forgiveness\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://blog.jquery.com/2023/03/08/jquery-3-6-4-released-selector-forgiveness/\"\u003ehttps://blog.jquery.com/2023/03/08/jquery-3-6-4-released-selector-forgiveness/\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ejQuery supports CSS.supports in jQuery 3.6.3\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://blog.jquery.com/2022/12/20/jquery-3-6-3-released-a-quick-selector-fix/\"\u003ehttps://blog.jquery.com/2022/12/20/jquery-3-6-3-released-a-quick-selector-fix/\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ejQuery 3.6.2 :has arrived!\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://blog.jquery.com/2022/12/13/jquery-3-6-2-released/\"\u003ehttps://blog.jquery.com/2022/12/13/jquery-3-6-2-released/\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ejQuery 3.6.1 Maintenance Release\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://blog.jquery.com/2022/08/26/jquery-3-6-1-maintenance-release/\"\u003ehttps://blog.jquery.com/2022/08/26/jquery-3-6-1-maintenance-release/\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ejQuery 3.6.0 Released!\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://blog.jquery.com/2021/03/02/jquery-3-6-0-released/\"\u003ehttps://blog.jquery.com/2021/03/02/jquery-3-6-0-released/\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ejQuery 3.5.0 Released!\u003c/h2\u003e\n\u003cp\u003eSee the blog post:\n\u003ca href=\"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/\"\u003ehttps://blog.jquery.com/2020/04/10/jquery-3-5-0-released/\u003c/a\u003e\nand the upgrade guide:\n\u003ca href=\"https://jquery.com/upgrade-guide/3.5/\"\u003ehttps://jquery.com/upgrade-guide/3.5/\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eNOTE:\u003c/strong\u003e Despite being a minor release, this update includes a breaking change that we had to make to fix \u003ca href=\"https://github.com/advisories/GHSA-gxr4-xjj5-5px2\"\u003ea security issue\u003c/a\u003e ( \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2020-11022\"\u003e\u003ccode\u003eCVE-2020-11022\u003c/code\u003e\u003c/a\u003e). Please follow the blog post \u0026amp; the upgrade guide for more details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/f79d5f1a337528940ab7029d4f8bbba72326f269\"\u003e\u003ccode\u003ef79d5f1\u003c/code\u003e\u003c/a\u003e 3.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/399b201bb3143a3952894cf3489b4848fc003967\"\u003e\u003ccode\u003e399b201\u003c/code\u003e\u003c/a\u003e Release: revert change that broke release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/f85d521cdeeb3c6d3f4563a06dba8be793e26ef0\"\u003e\u003ccode\u003ef85d521\u003c/code\u003e\u003c/a\u003e Release: update authors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/763ade6dda092709b36d97491951bcae415d91d1\"\u003e\u003ccode\u003e763ade6\u003c/code\u003e\u003c/a\u003e Build: Generate the slim build on \u003ccode\u003egrunt\u003c/code\u003e \u0026amp; run \u003ccode\u003ecompare_size\u003c/code\u003e on it\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/a288838c6f2ddd08c41e09b4672ad39a03822b04\"\u003e\u003ccode\u003ea288838\u003c/code\u003e\u003c/a\u003e CSS: Make the reliableTrDimensions support test work with Bootstrap CSS (3.x ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/87467a6f62b5fbd820ab387836e2a6fb186cbc1b\"\u003e\u003ccode\u003e87467a6\u003c/code\u003e\u003c/a\u003e Selector: Only attach the unload handler in IE \u0026amp; Edge Legacy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/3c18c1f33cfc69e1e1bd1410ab5176b2abc5fe3a\"\u003e\u003ccode\u003e3c18c1f\u003c/code\u003e\u003c/a\u003e Build: Make sure \u003ccode\u003e*.cjs\u003c/code\u003e \u0026amp; \u003ccode\u003e*.mjs\u003c/code\u003e files use UNIX line endings as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/72ae577c948f3577894bc7430a264ec27d9c2ba3\"\u003e\u003ccode\u003e72ae577\u003c/code\u003e\u003c/a\u003e Build: switch preferred email for timmywil\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/a370d7df4232c98f536bd97c049a0445d75c0f9e\"\u003e\u003ccode\u003ea370d7d\u003c/code\u003e\u003c/a\u003e Build: Build: Bump actions/checkout from 3.5.2 to 3.5.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/4a29888c759d0ca9a3ef7be90a2d7936cc48f5c8\"\u003e\u003ccode\u003e4a29888\u003c/code\u003e\u003c/a\u003e Docs: Fix typos found by codespell\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jquery/jquery/compare/3.3.1...3.7.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~timmywil\"\u003etimmywil\u003c/a\u003e, a new releaser for jquery since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jquery-ui` from 1.12.1 to 1.13.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jquery/jquery-ui/releases\"\u003ejquery-ui's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ejQuery UI 1.13.2 released\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://blog.jqueryui.com/2022/07/jquery-ui-1-13-2-released/\"\u003ehttps://blog.jqueryui.com/2022/07/jquery-ui-1-13-2-released/\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ejQuery UI 1.13.1 released\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://blog.jqueryui.com/2022/01/jquery-ui-1-13-1-released/\"\u003ehttps://blog.jqueryui.com/2022/01/jquery-ui-1-13-1-released/\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ejQuery UI 1.13.0 released\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/\"\u003ehttps://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery-ui/commit/d6c028cc2e214a4f9f3a787313ef03a17a33a008\"\u003e\u003ccode\u003ed6c028c\u003c/code\u003e\u003c/a\u003e 1.13.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery-ui/commit/8cc5bae1caa1fcf96bf5862c5646c787020ba3f9\"\u003e\u003ccode\u003e8cc5bae\u003c/code\u003e\u003c/a\u003e Checkboxradio: Don't re-evaluate text labels as HTML\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery-ui/commit/b53e7beb6884a8de7710146112bc48aecd8737b4\"\u003e\u003ccode\u003eb53e7be\u003c/code\u003e\u003c/a\u003e All: Remove deprecated .click() usage in demos/tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery-ui/commit/bb00536756b40a67288fab1803741d18bf3b5e4c\"\u003e\u003ccode\u003ebb00536\u003c/code\u003e\u003c/a\u003e Build: Update AUTHORS.txt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery-ui/commit/9d1fc97b4ea5c364b8f1c7d9ab2a3c28f8c594e7\"\u003e\u003ccode\u003e9d1fc97\u003c/code\u003e\u003c/a\u003e Datepicker: Capitalize some Indonesian words\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery-ui/commit/1f467baaacf0f9927cb73482a9f3ac0253739c4a\"\u003e\u003ccode\u003e1f467ba\u003c/code\u003e\u003c/a\u003e Selectmenu: Remove a call to the deprecated .focus() method\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery-ui/commit/ac1866f20d0c333658ec180b09bb84445c3bb086\"\u003e\u003ccode\u003eac1866f\u003c/code\u003e\u003c/a\u003e Build: Update AUTHORS.txt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery-ui/commit/395aa7d05601aa1f2ebeae272f81f0014c0cae90\"\u003e\u003ccode\u003e395aa7d\u003c/code\u003e\u003c/a\u003e Datepicker: Add missing localization for prevText and nextText\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery-ui/commit/218c6af95a5d72134c1b32220995b161c56a1453\"\u003e\u003ccode\u003e218c6af\u003c/code\u003e\u003c/a\u003e Datepicker: Remove symbols in localization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery-ui/commit/3126e128691fd9fa78f33930ba9cb37609d0a64f\"\u003e\u003ccode\u003e3126e12\u003c/code\u003e\u003c/a\u003e Datepicker: Remove symbols in localization\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jquery/jquery-ui/compare/1.12.1...1.13.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~mgol\"\u003emgol\u003c/a\u003e, a new releaser for jquery-ui since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `moment` from 2.24.0 to 2.30.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moment/moment/blob/develop/CHANGELOG.md\"\u003emoment's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e2.30.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRelease Dec 27, 2023\u003c/li\u003e\n\u003cli\u003eRevert \u003ca href=\"https://redirect.github.com/moment/moment/pull/5827\"\u003emoment/moment#5827\u003c/a\u003e, because it's breaking\na lot of TS code.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.30.0 \u003ca href=\"https://gist.github.com/ichernev/e277bcd1f0eeabb834f60a777237925a\"\u003eFull changelog\u003c/a\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRelease Dec 26, 2023\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.29.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRelease Jul 6, 2022\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/moment/moment/pull/6015\"\u003e#6015\u003c/a\u003e [bugfix] Fix ReDoS in preprocessRFC2822 regex\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.29.3 \u003ca href=\"https://gist.github.com/ichernev/edebd440f49adcaec72e5e77b791d8be\"\u003eFull changelog\u003c/a\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRelease Apr 17, 2022\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/moment/moment/pull/5995\"\u003e#5995\u003c/a\u003e [bugfix] Remove const usage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/moment/moment/pull/5990\"\u003e#5990\u003c/a\u003e misc: fix advisory link\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.29.2 \u003ca href=\"https://gist.github.com/ichernev/1904b564f6679d9aac1ae08ce13bc45c\"\u003eSee full changelog\u003c/a\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRelease Apr 3 2022\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eAddress \u003ca href=\"https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4\"\u003ehttps://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e2.29.1 \u003ca href=\"https://gist.github.com/marwahaha/cc478ba01a1292ab4bd4e861d164d99b\"\u003eSee full changelog\u003c/a\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRelease Oct 6, 2020\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eUpdated deprecation message, bugfix in hi locale\u003c/p\u003e\n\u003ch3\u003e2.29.0 \u003ca href=\"https://gist.github.com/marwahaha/b0111718641a6461800066549957ec14\"\u003eSee full changelog\u003c/a\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRelease Sept 22, 2020\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eNew locales (es-mx, bn-bd).\nMinor bugfixes and locale improvements.\nMore tests.\nMoment is in maintenance mode. Read more at this link:\n\u003ca href=\"https://momentjs.com/docs/#/-project-status/\"\u003ehttps://momentjs.com/docs/#/-project-status/\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e2.28.0 \u003ca href=\"https://gist.github.com/marwahaha/028fd6c2b2470b2804857cfd63c0e94f\"\u003eSee full changelog\u003c/a\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRelease Sept 13, 2020\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFix bug where .format() modifies original instance, and locale updates\u003c/p\u003e\n\u003ch3\u003e2.27.0 \u003ca href=\"https://gist.github.com/marwahaha/5100c9c2f42019067b1f6cefc333daa7\"\u003eSee full changelog\u003c/a\u003e\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moment/moment/commit/485d9a7d709bd5f3869a7ad24630cf0746d072dc\"\u003e\u003ccode\u003e485d9a7\u003c/code\u003e\u003c/a\u003e Build 2.30.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moment/moment/commit/e048b09e46a3f710a93a45026b93b7c3cbc8b646\"\u003e\u003ccode\u003ee048b09\u003c/code\u003e\u003c/a\u003e Bump version to 2.30.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moment/moment/commit/f9f2d584dcaa4bcb4821ba4bae97b54798239921\"\u003e\u003ccode\u003ef9f2d58\u003c/code\u003e\u003c/a\u003e Update changelog for 2.30.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moment/moment/commit/a52ffb2bd49fdef0149d13874e7aede361342198\"\u003e\u003ccode\u003ea52ffb2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Merge pull request \u003ca href=\"https://redirect.github.com/moment/moment/issues/5827\"\u003e#5827\u003c/a\u003e from BobZombie:feature/fix_d.ts\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moment/moment/commit/ddd680908c23797a3ed22007838634518bb14705\"\u003e\u003ccode\u003eddd6809\u003c/code\u003e\u003c/a\u003e Build 2.30.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moment/moment/commit/be64d00332159d4df419a4ee0328da9bd81a6fc6\"\u003e\u003ccode\u003ebe64d00\u003c/code\u003e\u003c/a\u003e Bump version to 2.30.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moment/moment/commit/ad411793e96d19085272181dcb823aee34b7de5d\"\u003e\u003ccode\u003ead41179\u003c/code\u003e\u003c/a\u003e Update changelog for 2.30.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moment/moment/commit/63fe479c029d2e329e5c03744e5ad022828296d7\"\u003e\u003ccode\u003e63fe479\u003c/code\u003e\u003c/a\u003e [misc] Make code ES6 compatible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moment/moment/commit/0f0195f5049744d4b74bd0840501cb24b2cba949\"\u003e\u003ccode\u003e0f0195f\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Merge pull request \u003ca href=\"https://redirect.github.com/moment/moment/issues/5599\"\u003e#5599\u003c/a\u003e from Alanscut:issue_4985\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moment/moment/commit/15b82f532c41c86f0cfa7462d0057d1d95e67821\"\u003e\u003ccode\u003e15b82f5\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Merge pull request \u003ca href=\"https://redirect.github.com/moment/moment/issues/5597\"\u003e#5597\u003c/a\u003e from Alanscut:issue-5596\u0026quot;\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/moment/moment/compare/2.24.0...2.30.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `select2` from 4.0.5 to 4.0.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/select2/select2/releases\"\u003eselect2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSelect2 4.0.6\u003c/h2\u003e\n\u003ch3\u003eNew features/improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd style property to package.json (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5019\"\u003e#5019\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImplement \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003eclearing\u003c/code\u003e events (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5058\"\u003e#5058\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003escrollAfterSelect\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5150\"\u003e#5150\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd missing diacritics (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4118\"\u003e#4118\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/select2/select2/issues/4337\"\u003e#4337\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/select2/select2/issues/5464\"\u003e#5464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix up arrow error when there are no options in dropdown (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5127\"\u003e#5127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e;\u003c/code\u003e before beginning of factory wrapper (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5089\"\u003e#5089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix IE11 issue with select losing focus after selecting an item (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4860\"\u003e#4860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eClear tooltip from \u003ccode\u003eselect2-selection__rendered\u003c/code\u003e when selection is cleared (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4640\"\u003e#4640\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/select2/select2/issues/4746\"\u003e#4746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix keyboard not closing when closing dropdown on iOS 10 (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4680\"\u003e#4680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUser-defined types not normalized properly when passed in as data (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4632\"\u003e#4632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePerform deep merge for \u003ccode\u003eDefaults.set()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4364\"\u003e#4364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u0026quot;the results could not be loaded\u0026quot; displaying during AJAX request (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4356\"\u003e#4356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCache objects in \u003ccode\u003eUtils.__cache\u003c/code\u003e instead of using \u003ccode\u003e$.data\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4346\"\u003e#4346\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/select2/select2/issues/5486\"\u003e#5486\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoving the double event binding registration of \u003ccode\u003eselection:update\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4306\"\u003e#4306\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eAccessibility\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eImprove \u003ccode\u003e.select2-hidden-accessible\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4908\"\u003e#4908\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd role and aria-readonly attributes to single selection dropdown value (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4881\"\u003e#4881\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTranslations\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Turkmen translations (\u003ccode\u003etk\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5125\"\u003e#5125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix error in French translations (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5122\"\u003e#5122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Albanian translation (\u003ccode\u003esq\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5199\"\u003e#5199\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Georgian translation (\u003ccode\u003eka\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5179\"\u003e#5179\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Nepali translation (\u003ccode\u003ene\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5295\"\u003e#5295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Bangla translation (\u003ccode\u003ebn\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5248\"\u003e#5248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eremoveAllItems\u003c/code\u003e translation for clear \u0026quot;x\u0026quot; title (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5291\"\u003e#5291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix wording in Vietnamese translations (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5387\"\u003e#5387\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix error in Russian translation (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5401\"\u003e#5401\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove duplicate CSS selector in classic theme (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5115\"\u003e#5115\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eSelect2 4.0.6-rc.1\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix up arrow error when there are no options in dropdown (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5127\"\u003e#5127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix IE11 issue with select losing focus after selecting an item (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4860\"\u003e#4860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReinstate backwards-compatible support for \u003ccode\u003edata('select2')\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4014\"\u003e#4014\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTranslations\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Turkmen translations (\u003ccode\u003etk\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5125\"\u003e#5125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix error in French translations (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5122\"\u003e#5122\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove duplicate CSS selector in classic theme (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5115\"\u003e#5115\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/select2/select2/blob/develop/CHANGELOG.md\"\u003eselect2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.0.6\u003c/h2\u003e\n\u003ch3\u003eNew features/improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd style property to package.json (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5019\"\u003e#5019\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImplement \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003eclearing\u003c/code\u003e events (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5058\"\u003e#5058\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003escrollAfterSelect\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5150\"\u003e#5150\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd missing diacritics (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4118\"\u003e#4118\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/select2/select2/issues/4337\"\u003e#4337\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/select2/select2/issues/5464\"\u003e#5464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix up arrow error when there are no options in dropdown (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5127\"\u003e#5127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e;\u003c/code\u003e before beginning of factory wrapper (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5089\"\u003e#5089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix IE11 issue with select losing focus after selecting an item (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4860\"\u003e#4860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eClear tooltip from \u003ccode\u003eselect2-selection__rendered\u003c/code\u003e when selection is cleared (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4640\"\u003e#4640\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/select2/select2/issues/4746\"\u003e#4746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix keyboard not closing when closing dropdown on iOS 10 (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4680\"\u003e#4680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUser-defined types not normalized properly when passed in as data (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4632\"\u003e#4632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePerform deep merge for \u003ccode\u003eDefaults.set()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4364\"\u003e#4364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u0026quot;the results could not be loaded\u0026quot; displaying during AJAX request (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4356\"\u003e#4356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCache objects in \u003ccode\u003eUtils.__cache\u003c/code\u003e instead of using \u003ccode\u003e$.data\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4346\"\u003e#4346\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/select2/select2/issues/5486\"\u003e#5486\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoving the double event binding registration of \u003ccode\u003eselection:update\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4306\"\u003e#4306\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eAccessibility\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eImprove \u003ccode\u003e.select2-hidden-accessible\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4908\"\u003e#4908\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd role and aria-readonly attributes to single selection dropdown value (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4881\"\u003e#4881\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTranslations\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Turkmen translations (\u003ccode\u003etk\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5125\"\u003e#5125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix error in French translations (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5122\"\u003e#5122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Albanian translation (\u003ccode\u003esq\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5199\"\u003e#5199\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Georgian translation (\u003ccode\u003eka\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5179\"\u003e#5179\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Nepali translation (\u003ccode\u003ene\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5295\"\u003e#5295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Bangla translation (\u003ccode\u003ebn\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5248\"\u003e#5248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eremoveAllItems\u003c/code\u003e translation for clear \u0026quot;x\u0026quot; title (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5291\"\u003e#5291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix wording in Vietnamese translations (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5387\"\u003e#5387\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix error in Russian translation (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5401\"\u003e#5401\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove duplicate CSS selector in classic theme (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5115\"\u003e#5115\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/select2/select2/commit/5dcc1022bffbccbf6894a26572f34627adaf7599\"\u003e\u003ccode\u003e5dcc102\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/select2/select2/issues/5488\"\u003e#5488\u003c/a\u003e from select2/develop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/select2/select2/commit/3e9809d715ef90816be7f43420fba9c6cb010b6c\"\u003e\u003ccode\u003e3e9809d\u003c/code\u003e\u003c/a\u003e Update changelog for 4.0.6 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/select2/select2/commit/a2bfa6c867be634d5f852e1f5ae35e35018ed636\"\u003e\u003ccode\u003ea2bfa6c\u003c/code\u003e\u003c/a\u003e Recompile dist for 4.0.6 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/select2/select2/commit/a8ea4cc3e3bcdee5eeb65695885708375da5b219\"\u003e\u003ccode\u003ea8ea4cc\u003c/code\u003e\u003c/a\u003e Bump versions for 4.0.6 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/select2/select2/commit/b4aa3529f39367758a8df2964bebf1a05be45d43\"\u003e\u003ccode\u003eb4aa352\u003c/code\u003e\u003c/a\u003e Removed unused files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/select2/select2/commit/650035cf3855b7265ccbd2ba82fe6f153751fb6e\"\u003e\u003ccode\u003e650035c\u003c/code\u003e\u003c/a\u003e Restore compatibility with data-* attributes in jQuery 2.x (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5486\"\u003e#5486\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/select2/select2/commit/9f8b6fff405924246f512dd4f39091d5a89f931a\"\u003e\u003ccode\u003e9f8b6ff\u003c/code\u003e\u003c/a\u003e [WIP] Get Grunt consistently working again (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5466\"\u003e#5466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/select2/select2/commit/5977856d81f8cd41d5c0826562f8ee206d6c0de7\"\u003e\u003ccode\u003e5977856\u003c/code\u003e\u003c/a\u003e minor fix (greek omega used has no diacritic) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5464\"\u003e#5464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/select2/select2/commit/a9c1b617facc1007d66c330d59f782b798361530\"\u003e\u003ccode\u003ea9c1b61\u003c/code\u003e\u003c/a\u003e Update composer to remove deprecated dependency (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5165\"\u003e#5165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/select2/select2/commit/9032705e2a43cdd4d4a6b87e07644ef2e9ee941e\"\u003e\u003ccode\u003e9032705\u003c/code\u003e\u003c/a\u003e More suitable spelling \u003ccode\u003eещё\u003c/code\u003e instead of \u003ccode\u003eеще\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5401\"\u003e#5401\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/select2/select2/compare/4.0.5...4.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `grunt` from 0.4.5 to 1.6.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gruntjs/grunt/releases\"\u003egrunt's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.6.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChangelog updates  72f6f03\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1755\"\u003e#1755\u003c/a\u003e from gruntjs/rm-dep  8d4c183\u003c/li\u003e\n\u003cli\u003eAdd recursive  1c7d483\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1756\"\u003e#1756\u003c/a\u003e from gruntjs/downgrade-glob  2d4fd38\u003c/li\u003e\n\u003cli\u003eDowngrade glob  902db7c\u003c/li\u003e\n\u003cli\u003eFix syntax  494f243\u003c/li\u003e\n\u003cli\u003eremove mkdirp  b01389e\u003c/li\u003e\n\u003cli\u003eremove dep on rimraf and mkdirp  0072510\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.6.0...v1.6.1\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.6.0...v1.6.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1750\"\u003e#1750\u003c/a\u003e from gruntjs/dep-update-jan28  2805dc3\u003c/li\u003e\n\u003cli\u003eREADME updates  3f1e423\u003c/li\u003e\n\u003cli\u003eBump to 16  8fd096d\u003c/li\u003e\n\u003cli\u003eUpdate more deps  42c5f95\u003c/li\u003e\n\u003cli\u003eBump eslint and node version  1d88050\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.3...v1.6.0\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.3...v1.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1745\"\u003e#1745\u003c/a\u003e from gruntjs/fix-copy-op  572d79b\u003c/li\u003e\n\u003cli\u003ePatch up race condition in symlink copying.  58016ff\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1746\"\u003e#1746\u003c/a\u003e from JamieSlome/patch-1  0749e1d\u003c/li\u003e\n\u003cli\u003eCreate SECURITY.md  69b7c50\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.2...v1.5.3\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.2...v1.5.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Changelog  7f15fd5\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1743\"\u003e#1743\u003c/a\u003e from gruntjs/cleanup-link  b0ec6e1\u003c/li\u003e\n\u003cli\u003eClean up link handling  433f91b\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.1...v1.5.2\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.1...v1.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1742\"\u003e#1742\u003c/a\u003e from gruntjs/update-symlink-test  ad22608\u003c/li\u003e\n\u003cli\u003eFix symlink test  0652305\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.0...v1.5.1\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.0...v1.5.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated changelog  b2b2c2b\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1740\"\u003e#1740\u003c/a\u003e from gruntjs/update-deps-22-10  3eda6ae\u003c/li\u003e\n\u003cli\u003eUpdate testing matrix  47d32de\u003c/li\u003e\n\u003cli\u003eMore updates  2e9161c\u003c/li\u003e\n\u003cli\u003eRemove console log  04b960e\u003c/li\u003e\n\u003cli\u003eUpdate dependencies, tests...  aad3d45\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1736\"\u003e#1736\u003c/a\u003e from justlep/main  fdc7056\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gruntjs/grunt/blob/main/CHANGELOG\"\u003egrunt's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003ev1.6.2\ndate: 2026-04-14\nchanges:\n- Update minimatch to 3.1.5.\n(PR: \u003ca href=\"https://redirect.github.com/gruntjs/grunt/pull/1796\"\u003egruntjs/grunt#1796\u003c/a\u003e)\n- Update nopt to 5.0.0.\n(PR: \u003ca href=\"https://redirect.github.com/gruntjs/grunt/pull/1778\"\u003egruntjs/grunt#1778\u003c/a\u003e)\nv1.6.1\ndate: 2023-01-31\nchanges:\n- Downgrades to glob 7 for Windows compatability\n- Removes mkdirp and rimraf in favour of node.js APIs.\nv1.6.0\ndate: 2023-01-28\nchanges:\n- Requires node.js 16+.\n- template.date now uses dateformat ~4.6.2.\n- other dependency updates such as glob, rimraf, etc.\nv1.5.3\ndate: 2022-04-23\nchanges:\n- Patch up race condition in symlink copying.\nv1.5.2\ndate: 2022-04-12\nchanges:\n- Unlink symlinks when copy destination is a symlink.\nv1.5.1\ndate: 2022-04-11\nchanges:\n- Fixed symlink destination handling.\nv1.5.0\ndate: 2022-04-10\nchanges:\n- Updated dependencies.\n- Add symlink handling for copying files.\nv1.4.1\ndate: 2021-05-24\nchanges:\n- Fix --preload option to be a known option\n- Switch to GitHub Actions\nv1.4.0\ndate: 2021-04-21\nchanges:\n- Security fixes in production and dev dependencies\n- Liftup/Liftoff upgrade breaking change. Update your scripts to use --preload instead of --require. Ref: \u003ca href=\"https://github.com/js-cli/js-liftoff/commit/e7a969d6706e730d90abb4e24d3cb4d3bce06ddb\"\u003ehttps://github.com/js-cli/js-liftoff/commit/e7a969d6706e730d90abb4e24d3cb4d3bce06ddb\u003c/a\u003e.\nv1.3.0\ndate: 2020-08-18\nchanges:\n- Switch to use \u003ccode\u003esafeLoad\u003c/code\u003e for loading YML files via \u003ccode\u003efile.readYAML\u003c/code\u003e.\n- Upgrade legacy-log to ~3.0.0.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/f49016e3ad7b92cf73982bec8d1ad224563a475d\"\u003e\u003ccode\u003ef49016e\u003c/code\u003e\u003c/a\u003e 1.6.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/662e097e7a77717df9cdcc76597ea54c154a1e67\"\u003e\u003ccode\u003e662e097\u003c/code\u003e\u003c/a\u003e Update minimatch to 3.1.5 to fix CVEs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/a29fd1872a9028c65ce8e7eadda8a4ac0931adb5\"\u003e\u003ccode\u003ea29fd18\u003c/code\u003e\u003c/a\u003e CI: add Node.js 24 to version matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/f757c4f7dd4225aea81e23f67b7d2b15f6fd965d\"\u003e\u003ccode\u003ef757c4f\u003c/code\u003e\u003c/a\u003e Update links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/b5aa8342f393f21fecb9c983e0208d9da2340cfa\"\u003e\u003ccode\u003eb5aa834\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1792\"\u003e#1792\u003c/a\u003e from UlisesGascon/security-md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/8d2dea224e772ff3c549be25d5d09c87d90ec536\"\u003e\u003ccode\u003e8d2dea2\u003c/code\u003e\u003c/a\u003e docs: refresh security policy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/aa15bdc5b435e2938744658dec31ec29c3109afc\"\u003e\u003ccode\u003eaa15bdc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1786\"\u003e#1786\u003c/a\u003e from stscoundrel/ci-node-22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/ee5b2a3480d520b442887451b86e596d971d94e6\"\u003e\u003ccode\u003eee5b2a3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1787\"\u003e#1787\u003c/a\u003e from gruntjs/add-commercial-support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/c0e2b42efa4f590b624929d66e67a9f4e5c9ff46\"\u003e\u003ccode\u003ec0e2b42\u003c/code\u003e\u003c/a\u003e Readme updates re: support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/c4f037ddaecca57092f30018196361bb299b7bc7\"\u003e\u003ccode\u003ec4f037d\u003c/code\u003e\u003c/a\u003e CI: update GH actions V3 -\u0026gt; V4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gruntjs/grunt/compare/v0.4.5...v1.6.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~krinkle\"\u003ekrinkle\u003c/a\u003e, a new releaser for grunt since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `ajv`\n\nUpdates `bn.js` from 4.11.8 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c4098bac2470418f8e0f6bf11fe0cb676a2b9047\"\u003e\u003ccode\u003ec4098ba\u003c/code\u003e\u003c/a\u003e 4.12.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6277fd705e51edae1c404c65f03ba2e512706945\"\u003e\u003ccode\u003e6277fd7\u003c/code\u003e\u003c/a\u003e backport(4.x): Fix imuln/muln with zero (backport of \u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ac0d4afaae91701815b9edc19789e44e7690d688\"\u003e\u003ccode\u003eac0d4af\u003c/code\u003e\u003c/a\u003e 4.12.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/a5f14b43ec61bc7cafc6de2e7444913b9f581b00\"\u003e\u003ccode\u003ea5f14b4\u003c/code\u003e\u003c/a\u003e Fix serious issue in \u003ccode\u003e.toString(16)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/309\"\u003e#309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/0cd2661b9d08512263c940662586042ef8aaccc6\"\u003e\u003ccode\u003e0cd2661\u003c/code\u003e\u003c/a\u003e Remove package-lock.json added by npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/84ae31344a557abb78ddabe3bac923b7503e4fb5\"\u003e\u003ccode\u003e84ae313\u003c/code\u003e\u003c/a\u003e 4.12.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/967ed0a50a9400bbbd83b450550cf37f7fa178b9\"\u003e\u003ccode\u003e967ed0a\u003c/code\u003e\u003c/a\u003e fix: Buffer not using global in browser (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/260\"\u003e#260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/61962320d7907a1a4d03a665782cb2733160c907\"\u003e\u003ccode\u003e6196232\u003c/code\u003e\u003c/a\u003e Fix LE constructor for HEX (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.11.8...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~fanatid\"\u003efanatid\u003c/a\u003e, a new releaser for bn.js since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.8 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.11\u003c/h2\u003e\n\u003ch1\u003ebrace-expansion\u003c/h1\u003e\n\u003cp\u003e\u003ca href=\"https://www.gnu.org/software/bash/manual/html_node/Brace-Expansion.html\"\u003eBrace expansion\u003c/a\u003e,\nas known from sh/bash, in JavaScript.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://travis-ci.org/juliangruber/brace-expansion\"\u003e\u003cimg src=\"https://secure.travis-ci.org/juliangruber/brace-expansion.svg\" alt=\"build status\" /\u003e\u003c/a\u003e\n\u003ca href=\"https://www.npmjs.org/package/brace-expansion\"\u003e\u003cimg src=\"https://img.shields.io/npm/dm/brace-expansion.svg\" alt=\"downloads\" /\u003e\u003c/a\u003e\n\u003ca href=\"https://greenkeeper.io/\"\u003e\u003cimg src=\"https://badges.greenkeeper.io/juliangruber/brace-expansion.svg\" alt=\"Greenkeeper badge\" /\u003e\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://ci.testling.com/juliangruber/brace-expansion\"\u003e\u003cimg src=\"https://ci.testling.com/juliangruber/brace-expansion.png\" alt=\"testling badge\" /\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eExample\u003c/h2\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003evar expand = require('brace-expansion');\n\u003cp\u003eexpand('file-{a,b,c}.jpg')\n// =\u0026gt; ['file-a.jpg', 'file-b.jpg', 'file-c.jpg']\u003c/p\u003e\n\u003cp\u003eexpand('-v{,,}')\n// =\u0026gt; ['-v', '-v', '-v']\u003c/p\u003e\n\u003cp\u003eexpand('file{0..2}.jpg')\n// =\u0026gt; ['file0.jpg', 'file1.jpg', 'file2.jpg']\u003c/p\u003e\n\u003cp\u003eexpand('file-{a..c}.jpg')\n// =\u0026gt; ['file-a.jpg', 'file-b.jpg', 'file-c.jpg']\u003c/p\u003e\n\u003cp\u003eexpand('file{2..0}.jpg')\n// =\u0026gt; ['file2.jpg', 'file1.jpg', 'file0.jpg']\u003c/p\u003e\n\u003cp\u003eexpand('file{0..4..2}.jpg')\n// =\u0026gt; ['file0.jpg', 'file2.jpg', 'file4.jpg']\u003c/p\u003e\n\u003cp\u003eexpand('file-{a..e..2}.jpg')\n// =\u0026gt; ['file-a.jpg', 'file-c.jpg', 'file-e.jpg']\u003c/p\u003e\n\u003cp\u003eexpand('file{00..10..5}.jpg')\n// =\u0026gt; ['file00.jpg', 'file05.jpg', 'file10.jpg']\u003c/p\u003e\n\u003cp\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.8...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `browserify-sign` from 4.0.4 to 4.2.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md\"\u003ebrowserify-sign's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.4...v4.2.5\"\u003ev4.2.5\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] clean up tests and convert console info skips to tape skips \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37b083c602fb6fcd99e0856cba8859dc6f073f3c\"\u003e\u003ccode\u003e37b083c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] restore node 0.10 support \u003ca href=\"https://github.com/browserify/browserify-sign/commit/faade86fe051fc0fb1b59e3694a566116e1e79a7\"\u003e\u003ccode\u003efaade86\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5a0f159e1d32b5c1088a75dceb301afaf40446f9\"\u003e\u003ccode\u003e5a0f159\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] drop unsupported nodes from CI \u003ca href=\"https://github.com/browserify/browserify-sign/commit/106be97da87f296f187c44b9ee857384153b5068\"\u003e\u003ccode\u003e106be97\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.3...v4.2.4\"\u003ev4.2.4\u003c/a\u003e - 2025-09-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[actions] split out node 10-20, and 20+ \u003ca href=\"https://github.com/browserify/browserify-sign/commit/17920d944f04efee7ae2212e4339485ba306b723\"\u003e\u003ccode\u003e17920d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove \u003ccode\u003efiles\u003c/code\u003e field \u003ca href=\"https://github.com/browserify/browserify-sign/commit/6d5b280e0496201ba022874c864b0046a74eb45e\"\u003e\u003ccode\u003e6d5b280\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ebn.js\u003c/code\u003e, \u003ccode\u003ebrowserify-rsa\u003c/code\u003e, \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/31be0c2459e1aad5158f72576c057603bf8527b6\"\u003e\u003ccode\u003e31be0c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003esemver\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5f6698211aa1d6dddaba8c245f40f63ae28924a3\"\u003e\u003ccode\u003e5f66982\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] replace \u003ccode\u003eaud\u003c/code\u003e with \u003ccode\u003enpm audit\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d44b24d8691d699ccc76780b106fe9c1bf0d1558\"\u003e\u003ccode\u003ed44b24d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/browserify-sign/commit/ab975f4845ea5c931df037e7f0df60f045335ae7\"\u003e\u003ccode\u003eab975f4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] revert 9e2bf12, now that v3.1.1 is out \u003ca href=\"https://github.com/browserify/browserify-sign/commit/428cf7f3f0d09f1b39312e5e51620ca684b5c1ac\"\u003e\u003ccode\u003e428cf7f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.2...v4.2.3\"\u003ev4.2.3\u003c/a\u003e - 2024-03-05\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[patch] widen support to 0.12 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9247adfd261ededfec1c036c9d8f36c4e9f87c0e\"\u003e\u003ccode\u003e9247adf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[patch] drop minimum node support to v1 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/4d0ee49ae2dc238b877dce9aed7e23fb4cb5088d\"\u003e\u003ccode\u003e4d0ee49\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eaud\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/87f3a35a587b377da2c1987af8d41c57b5afe0a5\"\u003e\u003ccode\u003e87f3a35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] remove redundant finisher \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37a475856843b7d1b2403fdafac0024ba252e579\"\u003e\u003ccode\u003e37a4758\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003ehash-base\u003c/code\u003e to ~3.0, due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9e2bf122b70970cb92f69d53e963f18299f14d66\"\u003e\u003ccode\u003e9e2bf12\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1 [\u003c/code\u003ef427270`](\u003ca href=\"https://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\"\u003ehttps://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/fb261cea57f92b3d98bc4d8bc6228c43a5de2e91\"\u003e\u003ccode\u003efb261ce\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003eelliptic\u003c/code\u003e due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/168e16fcb54886a0281b0c983e1482a097042684\"\u003e\u003ccode\u003e168e16f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.1...v4.2.2\"\u003ev4.2.2\u003c/a\u003e - 2023-10-25\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] log when openssl doesn't support cipher \u003ca href=\"https://redirect.github.com/browserify/browserify-sign/issues/37\"\u003e\u003ccode\u003e[#37](https://github.com/crypto-browserify/browserify-sign/issues/37)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/browserify-sign/commit/09a89959393b3c89fedd4f7f3bafa4fec44371d7\"\u003e\u003ccode\u003e09a8995\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] switch to eslint \u003ca href=\"https://github.com/browserify/browserify-sign/commit/83fe46374b819e959d56d2c0b931308f7451a664\"\u003e\u003ccode\u003e83fe463\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/44181838e7dcc4d5d0c568f74312ea28f0bcdfd5\"\u003e\u003ccode\u003e4418183\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9ac5a5eaaac8a11eb70ec2febd13745c8764ae02\"\u003e\u003ccode\u003e9ac5a5e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to github actions \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d845d855def38e2085d5a21e447a48300f99fa60\"\u003e\u003ccode\u003ed845d85\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003esign\u003c/code\u003e: throw on unsupported padding scheme \u003ca href=\"https://github.com/browserify/browserify-sign/commit/8767739a4516289568bcce9fed8a3b7e23478de9\"\u003e\u003ccode\u003e8767739\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] properly check the upper bound for DSA signatures \u003ca href=\"https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30\"\u003e\u003ccode\u003e85994cd\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle openSSL not supporting a scheme \u003ca href=\"https://github.com/browserify/browserify-sign/commit/f5f17c27f9824de40b5ce8ebd8502111203fd6af\"\u003e\u003ccode\u003ef5f17c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/d3a7458af692134219fce56a082068f678e12474\"\u003e\u003ccode\u003ed3a7458\u003c/code\u003e\u003c/a\u003e v4.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/37b083c602fb6fcd99e0856cba8859dc6f073f3c\"\u003e\u003ccode\u003e37b083c\u003c/code\u003e\u003c/a\u003e [Tests] clean up tests and convert console info skips to tape skips\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/faade86fe051fc0fb1b59e3694a566116e1e79a7\"\u003e\u003ccode\u003efaade86\u003c/code\u003e\u003c/a\u003e [Fix] restore node 0.10 support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/5a0f159e1d32b5c1088a75dceb301afaf40446f9\"\u003e\u003ccode\u003e5a0f159\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003eparse-asn1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/106be97da87f296f187c44b9ee857384153b5068\"\u003e\u003ccode\u003e106be97\u003c/code\u003e\u003c/a\u003e [actions] drop unsupported nodes from CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/9c371720efd60af4e08f83df4cd612a6ed135cec\"\u003e\u003ccode\u003e9c37172\u003c/code\u003e\u003c/a\u003e v4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/6d5b280e0496201ba022874c864b0046a74eb45e\"\u003e\u003ccode\u003e6d5b280\u003c/code\u003e\u003c/a\u003e [meta] remove \u003ccode\u003efiles\u003c/code\u003e field\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/17920d944f04efee7ae2212e4339485ba306b723\"\u003e\u003ccode\u003e17920d9\u003c/code\u003e\u003c/a\u003e [actions] split out node 10-20, and 20+\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/31be0c2459e1aad5158f72576c057603bf8527b6\"\u003e\u003ccode\u003e31be0c2\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003ebn.js\u003c/code\u003e, \u003ccode\u003ebrowserify-rsa\u003c/code\u003e, \u003ccode\u003eelliptic\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/ab975f4845ea5c931df037e7f0df60f045335ae7\"\u003e\u003ccode\u003eab975f4\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing peer dep\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/browserify-sign/compare/v4.0.4...v4.2.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for browserify-sign since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cached-path-relative` from 1.0.1 to 1.1.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ashaffer/cached-path-relative/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `getobject` from 0.1.0 to 1.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cowboy/node-getobject/releases\"\u003egetobject's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/cowboy/node-getobject/issues/8\"\u003e#8\u003c/a\u003e from cowboy/dependabot/npm_and_yarn/path-parse-1.0.7  6f86cf7\u003c/li\u003e\n\u003cli\u003eBump path-parse from 1.0.6 to 1.0.7  6e79841\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/cowboy/node-getobject/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate deps  141e3a5\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/cowboy/node-getobject/issues/7\"\u003e#7\u003c/a\u003e from cowboy/dependabot/npm_and_yarn/hosted-git-info-2.8.9  c97cf3e\u003c/li\u003e\n\u003cli\u003eBump hosted-git-info from 2.8.8 to 2.8.9  201e91b\u003c/li\u003e\n\u003cli\u003eUpdate dev deps  5ffb873\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/cowboy/node-getobject/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e...\n\n_Description has been truncated_","html_url":"https://github.com/robertsn808/opensource-casino-v10-fixed/pull/21","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/robertsn808%2Fopensource-casino-v10-fixed/issues/21","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/21/packages"},{"uuid":"4457012181","node_id":"PR_kwDOCkavQs7cEjjw","number":8,"state":"open","title":"⬆️ Bump the npm-security-updates group across 1 directory with 17 updates","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-15T21:16:35.000Z","updated_at":"2026-05-15T21:16:37.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"⬆️ Bump","group_name":"npm-security-updates","update_count":17,"packages":[{"name":"@angular/common","old_version":"7.2.7","new_version":"19.2.16","repository_url":"https://github.com/angular/angular"},{"name":"@angular/core","old_version":"7.2.7","new_version":"19.2.20","repository_url":"https://github.com/angular/angular"},{"name":"@angular/compiler","old_version":"7.2.7","new_version":"19.2.18","repository_url":"https://github.com/angular/angular"},{"name":"@babel/traverse","old_version":"7.3.4","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"browserify-sign","old_version":"4.0.4","new_version":"4.2.5","repository_url":"https://github.com/crypto-browserify/browserify-sign"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"decode-uri-component","old_version":"0.2.0","new_version":"0.2.2","repository_url":"https://github.com/SamVerschueren/decode-uri-component"},{"name":"express","old_version":"4.16.4","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"follow-redirects","old_version":"1.7.0","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"fsevents","old_version":"1.2.7","new_version":"1.2.13","repository_url":"https://github.com/fsevents/fsevents"},{"name":"handlebars","old_version":"4.1.0","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"js-yaml","old_version":"3.12.2","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"jszip","old_version":"3.2.0","new_version":"3.10.1","repository_url":"https://github.com/Stuk/jszip"},{"name":"lodash","old_version":"4.17.11","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm-security-updates group with 15 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@angular/common](https://github.com/angular/angular/tree/HEAD/packages/common) | `7.2.7` | `19.2.16` |\n| [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core) | `7.2.7` | `19.2.20` |\n| [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) | `7.2.7` | `19.2.18` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.3.4` | `7.29.0` |\n| [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.5` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |\n| [express](https://github.com/expressjs/express) | `4.16.4` | `4.22.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.7.0` | `1.16.0` |\n| [fsevents](https://github.com/fsevents/fsevents) | `1.2.7` | `1.2.13` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.1.0` | `4.7.9` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.12.2` | `3.14.2` |\n| [jszip](https://github.com/Stuk/jszip) | `3.2.0` | `3.10.1` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.11` | `4.18.1` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n\n\nUpdates `@angular/common` from 7.2.7 to 19.2.16\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e@​angular/common's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.16\u003c/h2\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003cimg src=\"https://img.shields.io/badge/05fe6686a9-fix-green\" alt=\"fix - 05fe6686a9\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e@​angular/common's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e19.2.16 (2025-11-26)\u003c/h1\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e05fe6686a9\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e20.3.14 (2025-11-25)\u003c/h1\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f\"\u003e0276479e7d\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.0.1 (2025-11-25)\u003c/h1\u003e\n\u003ch3\u003ecompiler-cli\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/39c577bc362b263896b38c9486131d4342b8f1a8\"\u003e39c577bc36\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edo not type check native controls with ControlValueAccessor\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/8d3a89a477e273b9b2223b6db775955e35105963\"\u003e8d3a89a477\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eescape angular control flow in jsdoc\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/bc34083d349a7d30efb43df97de0509fd85a1996\"\u003ebc34083d34\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eignore non-existent files\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0ea1e071742a031d9afb7a39f8e23082cd88ca2e\"\u003e0ea1e07174\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eapply bootstrap-options migration to \u003ccode\u003eplatformBrowserDynamic\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/70507b8c1ce733b8232a12fa45037ee219b5b102\"\u003e70507b8c1c\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edebug data causing memory leak for root effects\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/a55482fca3b7e4f39d95f8ff236b6619e59b8190\"\u003ea55482fca3\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003enotify profiler events in case of errors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/49ad7c650818ee7db321a24c89282dbf9bb250f3\"\u003e49ad7c6508\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003euse injected \u003ccode\u003eDOCUMENT\u003c/code\u003e for \u003ccode\u003eCSP_NONCE\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cc1ec099315b0f429d0b0f07c9b1bf686668db6b\"\u003ecc1ec09931\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eperf\u003c/td\u003e\n\u003ctd\u003eavoid repeat searches for field directive\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eforms\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7d5c7cf99aa5c6490f8bea950b04bd56073582a1\"\u003e7d5c7cf99a\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efeat\u003c/td\u003e\n\u003ctd\u003eadd DI option for classes on \u003ccode\u003eField\u003c/code\u003e directive\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/8acf5d27563ec51cc76971732d50e1f4142a3fe3\"\u003e8acf5d2756\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow dynamic \u003ccode\u003etype\u003c/code\u003e bindings on signal form controls\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003ccode\u003e05fe668\u003c/code\u003e\u003c/a\u003e fix(http): prevent XSRF token leakage to protocol-relative URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/12e2302a0425f3a2b09cb00d743cbdb099a5eb31\"\u003e\u003ccode\u003e12e2302\u003c/code\u003e\u003c/a\u003e build: update common's locales to use rules_js (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61630\"\u003e#61630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/9701047b9f41175a498b8bb35563e2ed277b83e1\"\u003e\u003ccode\u003e9701047\u003c/code\u003e\u003c/a\u003e test(common): Add circular deps test to 19.2.x (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61651\"\u003e#61651\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/2c876b4fc5d89ce925b1403e239c7d162e39346b\"\u003e\u003ccode\u003e2c876b4\u003c/code\u003e\u003c/a\u003e fix(common): avoid injecting ApplicationRef in FetchBackend (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61649\"\u003e#61649\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/8e54b5773f8f74bdd2e2c0a4c89c84543c99b834\"\u003e\u003ccode\u003e8e54b57\u003c/code\u003e\u003c/a\u003e build: move private testing helpers outside \u003ccode\u003eplatform-browser/testing\u003c/code\u003e (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61571\"\u003e#61571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/2b1b14f4d3751b9b3c351ddc412ecdcb2aea4781\"\u003e\u003ccode\u003e2b1b14f\u003c/code\u003e\u003c/a\u003e fix(core): cleanup \u003ccode\u003erxResource\u003c/code\u003e abort listener (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/58306\"\u003e#58306\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/126efc9972e18806e71977d51a55f8ec2f0514d6\"\u003e\u003ccode\u003e126efc9\u003c/code\u003e\u003c/a\u003e fix(common): cancel reader when app is destroyed (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61528\"\u003e#61528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/efda8724535a8560a64b28cc2bf81df5931af686\"\u003e\u003ccode\u003eefda872\u003c/code\u003e\u003c/a\u003e fix(common): prevent reading chunks if app is destroyed (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61354\"\u003e#61354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/c43fd3a39c8d7b6ab23037a87456f6acfb4eb08f\"\u003e\u003ccode\u003ec43fd3a\u003c/code\u003e\u003c/a\u003e build: migrate common to use rules_js based toolchain (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61434\"\u003e#61434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/185b7801ee0eede67f0ca5a501833eb4f392098b\"\u003e\u003ccode\u003e185b780\u003c/code\u003e\u003c/a\u003e build: migrate \u003ccode\u003epackages/core/schematics\u003c/code\u003e to \u003ccode\u003ets_project\u003c/code\u003e (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61420\"\u003e#61420\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/19.2.16/packages/common\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~google-wombot\"\u003egoogle-wombot\u003c/a\u003e, a new releaser for \u003ccode\u003e@​angular/common\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@angular/core` from 7.2.7 to 19.2.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e@​angular/core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.20\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5be912eb55fe88e8621e2ce82470d51b7d950ceb\"\u003e\u003cimg src=\"https://img.shields.io/badge/5be912eb55-fix-green\" alt=\"fix - 5be912eb55\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b89b0a83a4d21bbb6f8534bbf56aece12af24595\"\u003e\u003cimg src=\"https://img.shields.io/badge/b89b0a83a4-fix-green\" alt=\"fix - b89b0a83a4\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize translated attribute bindings with interpolations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/621c7071adffbe5dd45a5c954b6b6138e0870844\"\u003e\u003cimg src=\"https://img.shields.io/badge/621c7071ad-fix-green\" alt=\"fix - 621c7071ad\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.19\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/747548721d051c21e388a302d20d53fb3ab16367\"\u003e\u003cimg src=\"https://img.shields.io/badge/747548721d-fix-green\" alt=\"fix - 747548721d\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eblock creation of sensitive URI attributes from ICU messages\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAngular now only applies known attributes from HTML in translated ICU content. Unknown attributes are dropped and not rendered.\u003c/p\u003e\n\u003cp\u003e(cherry picked from commit 03da204b6daa5e4583e0d0968c2107390bbd8235)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.18\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003cimg src=\"https://img.shields.io/badge/26cdc53d9c-fix-green\" alt=\"fix - 26cdc53d9c\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.17\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003cimg src=\"https://img.shields.io/badge/7c42e2ebeb-fix-green\" alt=\"fix - 7c42e2ebeb\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.16\u003c/h2\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003cimg src=\"https://img.shields.io/badge/05fe6686a9-fix-green\" alt=\"fix - 05fe6686a9\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e@​angular/core's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e19.2.20 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5be912eb55fe88e8621e2ce82470d51b7d950ceb\"\u003e5be912eb55\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b89b0a83a4d21bbb6f8534bbf56aece12af24595\"\u003eb89b0a83a4\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated attribute bindings with interpolations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/621c7071adffbe5dd45a5c954b6b6138e0870844\"\u003e621c7071ad\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e20.3.18 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/02fbf08890ec6ac2efb6c2ec4f17e56497cb81d2\"\u003e02fbf08890\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/72126f9a08c185a9b93461bab67841c4e84c9b17\"\u003e72126f9a08\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated attribute bindings with interpolations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/626bc8bc20e485cad2094c4a5d9417fb9a71dda8\"\u003e626bc8bc20\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e22.0.0-next.3 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/78dea55351fb305b33a919c43a6b363137eca166\"\u003e78dea55351\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/999c14eaab981d12bf2b1d9b1fd6766157f7b1cc\"\u003e999c14eaab\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ereverts \u0026quot;feat(core): add support for nested animations\u0026quot;\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/de0eb4c6566011e1a34d529a273ec3d5b6bf17d5\"\u003ede0eb4c656\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.2.4 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ed2d324f9cc12aab6cfa0569ef10b73243a62c65\"\u003eed2d324f9c\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/621c7071adffbe5dd45a5c954b6b6138e0870844\"\u003e\u003ccode\u003e621c707\u003c/code\u003e\u003c/a\u003e fix(core): sanitize translated form attributes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/b89b0a83a4d21bbb6f8534bbf56aece12af24595\"\u003e\u003ccode\u003eb89b0a8\u003c/code\u003e\u003c/a\u003e fix(core): sanitize translated attribute bindings with interpolations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/747548721d051c21e388a302d20d53fb3ab16367\"\u003e\u003ccode\u003e7475487\u003c/code\u003e\u003c/a\u003e fix(core): block creation of sensitive URI attributes from ICU messages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003ccode\u003e26cdc53\u003c/code\u003e\u003c/a\u003e fix(core): sanitize sensitive attributes on SVG script elements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003ccode\u003e7c42e2e\u003c/code\u003e\u003c/a\u003e fix(compiler): prevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/70d0639bc19e376af1a0491898f54a026d3227e2\"\u003e\u003ccode\u003e70d0639\u003c/code\u003e\u003c/a\u003e fix(core): introduce \u003ccode\u003eBootstrapContext\u003c/code\u003e for improved server bootstrapping (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/6\"\u003e#6\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/73d3e001d2a2fa3218d769c0834c12a762d86882\"\u003e\u003ccode\u003e73d3e00\u003c/code\u003e\u003c/a\u003e build: fix failing test (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/61683\"\u003e#61683\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/9e1cd4966202d89c7310ab84c50b2c4231a0213e\"\u003e\u003ccode\u003e9e1cd49\u003c/code\u003e\u003c/a\u003e fix(migrations): preserve comments when removing unused imports (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/61674\"\u003e#61674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/a6d5479cc75a91447daf3877d62b68a5740d3c74\"\u003e\u003ccode\u003ea6d5479\u003c/code\u003e\u003c/a\u003e build: migrate platform-server to rules_js (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/61619\"\u003e#61619\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/2a269449745c836e4b99215e36ea10fbe87e9e21\"\u003e\u003ccode\u003e2a26944\u003c/code\u003e\u003c/a\u003e build: migrate platform-browser and platform-browser-dynamic package to use r...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/v19.2.20/packages/core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~google-wombot\"\u003egoogle-wombot\u003c/a\u003e, a new releaser for \u003ccode\u003e@​angular/core\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@angular/compiler` from 7.2.7 to 19.2.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e@​angular/compiler's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.18\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003cimg src=\"https://img.shields.io/badge/26cdc53d9c-fix-green\" alt=\"fix - 26cdc53d9c\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.17\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003cimg src=\"https://img.shields.io/badge/7c42e2ebeb-fix-green\" alt=\"fix - 7c42e2ebeb\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.16\u003c/h2\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003cimg src=\"https://img.shields.io/badge/05fe6686a9-fix-green\" alt=\"fix - 05fe6686a9\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e@​angular/compiler's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e19.2.18 (2026-01-07)\u003c/h1\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e26cdc53d9c\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.0.7 (2026-01-07)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/8e808740c9311daa0f1c9bab8596ed5e54bdcc6a\"\u003e8e808740c9\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ebetter types for a few expression AST nodes\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/63b1cdcf70e6de448e8fa4ba1732d7bd7b5400d1\"\u003e63b1cdcf70\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eproduce accurate span for typeof and void expressions\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/3c3ae0cb64bb112d7167fd9b0bf7739f0c9e6a39\"\u003e3c3ae0cb64\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprovide location information for literal map keys\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/523dbaf1c3646ce27f1cf2e4cfc84c730fea8da9\"\u003e523dbaf1c3\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003estop ThisReceiver inheritance from ImplicitReceiver\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecompiler-cli\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/4d9c4567edfb8dd424a3336ef54ffdfc6ca7c15f\"\u003e4d9c4567ed\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eensure component import diagnostics are reported within the \u003ccode\u003eimports\u003c/code\u003e expression\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cd405685afbfad530de7fb841ad352d2b702a9a4\"\u003ecd405685af\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003efix up spelling of diagnostic\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/778460fccac13d8667bb53fa24ba977a930c0253\"\u003e778460fcca\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esupport qualified names in \u003ccode\u003etypeof\u003c/code\u003e type references\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c74674eb07491f808f79976e3e21787a841aefb\"\u003e7c74674eb0\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eavoid leaking view data in animations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0edbee4550e85b933e9bd2ba3c5511ef6fbf7304\"\u003e0edbee4550\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eexplicitly cast signal node value to String\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/f9c29572d28feef878c73edad562b3a6451825a6\"\u003ef9c29572d2\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eforms\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/e3fba182f90a2673040cf267a970c54c07d4840f\"\u003ee3fba182f9\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efeat\u003c/td\u003e\n\u003ctd\u003eadd \u003ccode\u003e[formField]\u003c/code\u003e directive\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/561772b152458e1d91d4bf3ef45d9645a731f2b1\"\u003e561772b152\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow custom controls to require \u003ccode\u003edirty\u003c/code\u003e input\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/f0fb1d8581671ca499bcb4790b0549825eb36a91\"\u003ef0fb1d8581\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow custom controls to require \u003ccode\u003ehidden\u003c/code\u003e input\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ec110f170bbba95f023c8ae0e4429c35bfedc572\"\u003eec110f170b\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow custom controls to require \u003ccode\u003epending\u003c/code\u003e input\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ae1dc16bb0d30b6e87b0f98b7989e6685d856e31\"\u003eae1dc16bb0\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eclean up abort listener after timeout\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/9748b0d5da6ffb1fd2498b23cc452240f46e0549\"\u003e9748b0d5da\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esupport custom controls with non signal-based models\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/6bd22df987e433a9e3cb759e35eb6403991cf4b7\"\u003e6bd22df987\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eSupport readonly arrays in signal forms\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003erouter\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/41cd4a6af800cf7807c46862c99ae036457d8fa7\"\u003e41cd4a6af8\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eFix RouterLink href not updating with \u003ccode\u003equeryParamsHandling\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5e9e09aee0c08901d2a4d48b60bd13692c73e76e\"\u003e5e9e09aee0\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ehandle errors from view transition \u003ccode\u003eupdateCallbackDone\u003c/code\u003e promise\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.0.6 (2025-12-17)\u003c/h1\u003e\n\u003ch2\u003eBreaking Changes (affecting only experimental features)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003ccode\u003e26cdc53\u003c/code\u003e\u003c/a\u003e fix(core): sanitize sensitive attributes on SVG script elements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003ccode\u003e7c42e2e\u003c/code\u003e\u003c/a\u003e fix(compiler): prevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/24bab55f0c89c4fe6037780fd7b2e8c8aa5429b2\"\u003e\u003ccode\u003e24bab55\u003c/code\u003e\u003c/a\u003e fix(compiler): lexer support for template literals in object literals (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61601\"\u003e#61601\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/fc2483e7e96f8a26293f6862cbd27417b4e40809\"\u003e\u003ccode\u003efc2483e\u003c/code\u003e\u003c/a\u003e refactor(compiler): avoid duplication between \u003ccode\u003eFactoryTarget\u003c/code\u003e type (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61571\"\u003e#61571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/8e54b5773f8f74bdd2e2c0a4c89c84543c99b834\"\u003e\u003ccode\u003e8e54b57\u003c/code\u003e\u003c/a\u003e build: move private testing helpers outside \u003ccode\u003eplatform-browser/testing\u003c/code\u003e (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61571\"\u003e#61571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/44bb328eaea028524206d0d2b9f12702c9bf3861\"\u003e\u003ccode\u003e44bb328\u003c/code\u003e\u003c/a\u003e fix(compiler): avoid conflicts between HMR code and local symbols (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61550\"\u003e#61550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/1007079aeea013291900109c86fab36c9cac50c4\"\u003e\u003ccode\u003e1007079\u003c/code\u003e\u003c/a\u003e build: update compiler-cli to not be stamped when used for the compiler in ng...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/0d025c5013292fdba65d91982ae8aaee61583d57\"\u003e\u003ccode\u003e0d025c5\u003c/code\u003e\u003c/a\u003e build: support new \u003ccode\u003eng_project\u003c/code\u003e rule (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61336\"\u003e#61336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/899cb4ab49e284185f2093f2b48f1adba8cb3d47\"\u003e\u003ccode\u003e899cb4a\u003c/code\u003e\u003c/a\u003e refactor: add explicit types for exports relying on inferred call return type...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/1312eb1600648c94a0063667c2095165462f27ef\"\u003e\u003ccode\u003e1312eb1\u003c/code\u003e\u003c/a\u003e build: remove irrelevant madge circular deps tests (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61209\"\u003e#61209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/v19.2.18/packages/compiler\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~google-wombot\"\u003egoogle-wombot\u003c/a\u003e, a new releaser for \u003ccode\u003e@​angular/compiler\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.3.4 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/traverse's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `browserify-sign` from 4.0.4 to 4.2.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md\"\u003ebrowserify-sign's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.4...v4.2.5\"\u003ev4.2.5\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] clean up tests and convert console info skips to tape skips \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37b083c602fb6fcd99e0856cba8859dc6f073f3c\"\u003e\u003ccode\u003e37b083c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] restore node 0.10 support \u003ca href=\"https://github.com/browserify/browserify-sign/commit/faade86fe051fc0fb1b59e3694a566116e1e79a7\"\u003e\u003ccode\u003efaade86\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5a0f159e1d32b5c1088a75dceb301afaf40446f9\"\u003e\u003ccode\u003e5a0f159\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] drop unsupported nodes from CI \u003ca href=\"https://github.com/browserify/browserify-sign/commit/106be97da87f296f187c44b9ee857384153b5068\"\u003e\u003ccode\u003e106be97\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.3...v4.2.4\"\u003ev4.2.4\u003c/a\u003e - 2025-09-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[actions] split out node 10-20, and 20+ \u003ca href=\"https://github.com/browserify/browserify-sign/commit/17920d944f04efee7ae2212e4339485ba306b723\"\u003e\u003ccode\u003e17920d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove \u003ccode\u003efiles\u003c/code\u003e field \u003ca href=\"https://github.com/browserify/browserify-sign/commit/6d5b280e0496201ba022874c864b0046a74eb45e\"\u003e\u003ccode\u003e6d5b280\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ebn.js\u003c/code\u003e, \u003ccode\u003ebrowserify-rsa\u003c/code\u003e, \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/31be0c2459e1aad5158f72576c057603bf8527b6\"\u003e\u003ccode\u003e31be0c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003esemver\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5f6698211aa1d6dddaba8c245f40f63ae28924a3\"\u003e\u003ccode\u003e5f66982\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] replace \u003ccode\u003eaud\u003c/code\u003e with \u003ccode\u003enpm audit\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d44b24d8691d699ccc76780b106fe9c1bf0d1558\"\u003e\u003ccode\u003ed44b24d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/browserify-sign/commit/ab975f4845ea5c931df037e7f0df60f045335ae7\"\u003e\u003ccode\u003eab975f4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] revert 9e2bf12, now that v3.1.1 is out \u003ca href=\"https://github.com/browserify/browserify-sign/commit/428cf7f3f0d09f1b39312e5e51620ca684b5c1ac\"\u003e\u003ccode\u003e428cf7f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.2...v4.2.3\"\u003ev4.2.3\u003c/a\u003e - 2024-03-05\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[patch] widen support to 0.12 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9247adfd261ededfec1c036c9d8f36c4e9f87c0e\"\u003e\u003ccode\u003e9247adf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[patch] drop minimum node support to v1 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/4d0ee49ae2dc238b877dce9aed7e23fb4cb5088d\"\u003e\u003ccode\u003e4d0ee49\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eaud\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/87f3a35a587b377da2c1987af8d41c57b5afe0a5\"\u003e\u003ccode\u003e87f3a35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] remove redundant finisher \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37a475856843b7d1b2403fdafac0024ba252e579\"\u003e\u003ccode\u003e37a4758\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003ehash-base\u003c/code\u003e to ~3.0, due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9e2bf122b70970cb92f69d53e963f18299f14d66\"\u003e\u003ccode\u003e9e2bf12\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1 [\u003c/code\u003ef427270`](\u003ca href=\"https://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\"\u003ehttps://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/fb261cea57f92b3d98bc4d8bc6228c43a5de2e91\"\u003e\u003ccode\u003efb261ce\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003eelliptic\u003c/code\u003e due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/168e16fcb54886a0281b0c983e1482a097042684\"\u003e\u003ccode\u003e168e16f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.1...v4.2.2\"\u003ev4.2.2\u003c/a\u003e - 2023-10-25\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] log when openssl doesn't support cipher \u003ca href=\"https://redirect.github.com/browserify/browserify-sign/issues/37\"\u003e\u003ccode\u003e[#37](https://github.com/crypto-browserify/browserify-sign/issues/37)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/browserify-sign/commit/09a89959393b3c89fedd4f7f3bafa4fec44371d7\"\u003e\u003ccode\u003e09a8995\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] switch to eslint \u003ca href=\"https://github.com/browserify/browserify-sign/commit/83fe46374b819e959d56d2c0b931308f7451a664\"\u003e\u003ccode\u003e83fe463\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/44181838e7dcc4d5d0c568f74312ea28f0bcdfd5\"\u003e\u003ccode\u003e4418183\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9ac5a5eaaac8a11eb70ec2febd13745c8764ae02\"\u003e\u003ccode\u003e9ac5a5e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to github actions \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d845d855def38e2085d5a21e447a48300f99fa60\"\u003e\u003ccode\u003ed845d85\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003esign\u003c/code\u003e: throw on unsupported padding scheme \u003ca href=\"https://github.com/browserify/browserify-sign/commit/8767739a4516289568bcce9fed8a3b7e23478de9\"\u003e\u003ccode\u003e8767739\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] properly check the upper bound for DSA signatures \u003ca href=\"https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30\"\u003e\u003ccode\u003e85994cd\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle openSSL not supporting a scheme \u003ca href=\"https://github.com/browserify/browserify-sign/commit/f5f17c27f9824de40b5ce8ebd8502111203fd6af\"\u003e\u003ccode\u003ef5f17c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/d3a7458af692134219fce56a082068f678e12474\"\u003e\u003ccode\u003ed3a7458\u003c/code\u003e\u003c/a\u003e v4.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/37b083c602fb6fcd99e0856cba8859dc6f073f3c\"\u003e\u003ccode\u003e37b083c\u003c/code\u003e\u003c/a\u003e [Tests] clean up tests and convert console info skips to tape skips\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/faade86fe051fc0fb1b59e3694a566116e1e79a7\"\u003e\u003ccode\u003efaade86\u003c/code\u003e\u003c/a\u003e [Fix] restore node 0.10 support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/5a0f159e1d32b5c1088a75dceb301afaf40446f9\"\u003e\u003ccode\u003e5a0f159\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003eparse-asn1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/106be97da87f296f187c44b9ee857384153b5068\"\u003e\u003ccode\u003e106be97\u003c/code\u003e\u003c/a\u003e [actions] drop unsupported nodes from CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/9c371720efd60af4e08f83df4cd612a6ed135cec\"\u003e\u003ccode\u003e9c37172\u003c/code\u003e\u003c/a\u003e v4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/6d5b280e0496201ba022874c864b0046a74eb45e\"\u003e\u003ccode\u003e6d5b280\u003c/code\u003e\u003c/a\u003e [meta] remove \u003ccode\u003efiles\u003c/code\u003e field\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/17920d944f04efee7ae2212e4339485ba306b723\"\u003e\u003ccode\u003e17920d9\u003c/code\u003e\u003c/a\u003e [actions] split out node 10-20, and 20+\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/31be0c2459e1aad5158f72576c057603bf8527b6\"\u003e\u003ccode\u003e31be0c2\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003ebn.js\u003c/code\u003e, \u003ccode\u003ebrowserify-rsa\u003c/code\u003e, \u003ccode\u003eelliptic\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/ab975f4845ea5c931df037e7f0df60f045335ae7\"\u003e\u003ccode\u003eab975f4\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing peer dep\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/browserify-sign/compare/v4.0.4...v4.2.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for browserify-sign since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `decode-uri-component` from 0.2.0 to 0.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/releases\"\u003edecode-uri-component's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent overwriting previously decoded tokens  980e0bf\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2\"\u003ehttps://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitch to GitHub workflows  76abc93\u003c/li\u003e\n\u003cli\u003eFix issue where decode throws - fixes \u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/6\"\u003e#6\u003c/a\u003e  746ca5d\u003c/li\u003e\n\u003cli\u003eUpdate license (\u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/1\"\u003e#1\u003c/a\u003e)  486d7e2\u003c/li\u003e\n\u003cli\u003eTidelift tasks  a650457\u003c/li\u003e\n\u003cli\u003eMeta tweaks  66e1c28\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1\"\u003ehttps://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/a0eea469d26eb0df668b081672cdb9581feb78eb\"\u003e\u003ccode\u003ea0eea46\u003c/code\u003e\u003c/a\u003e 0.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/980e0bf09b64d94f1aa79012f895816c30ffd152\"\u003e\u003ccode\u003e980e0bf\u003c/code\u003e\u003c/a\u003e Prevent overwriting previously decoded tokens\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/3c8a373dd4837e89b3f970e01295dd03e1405a33\"\u003e\u003ccode\u003e3c8a373\u003c/code\u003e\u003c/a\u003e 0.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/76abc939783fe3900fadb7d384a74d324d5557f3\"\u003e\u003ccode\u003e76abc93\u003c/code\u003e\u003c/a\u003e Switch to GitHub workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/746ca5dcb6667c5d364e782d53c542830e4c10b9\"\u003e\u003ccode\u003e746ca5d\u003c/code\u003e\u003c/a\u003e Fix issue where decode throws - fixes \u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/6\"\u003e#6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/486d7e26d3a8c0fbe860fb651fe1bc98c2f2be30\"\u003e\u003ccode\u003e486d7e2\u003c/code\u003e\u003c/a\u003e Update license (\u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/1\"\u003e#1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/a65045724e6234acef87f31da499d4807b20b134\"\u003e\u003ccode\u003ea650457\u003c/code\u003e\u003c/a\u003e Tidelift tasks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/66e1c2834c0e189201cb65196ec3101372459b02\"\u003e\u003ccode\u003e66e1c28\u003c/code\u003e\u003c/a\u003e Meta tweaks\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.16.4 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.16.4...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow...\n\n_Description has been truncated_","html_url":"https://github.com/servrox/demo-ionic-tabs-back-button/pull/8","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/servrox%2Fdemo-ionic-tabs-back-button/issues/8","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8/packages"}],"issue_packages":[{"old_version":"1.0.4","new_version":"1.0.7","update_type":"patch","path":null,"pr_created_at":"2026-06-12T23:59:02.000Z","version_change":"1.0.4 → 1.0.7","issue":{"uuid":"4653427345","node_id":"PR_kwDOPip15c7l9_5o","number":4,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 16 updates","user":"dependabot[bot]","labels":["size/XS","dependencies","javascript"],"assignees":[],"locked":false,"comments_count":7,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-12T23:59:02.000Z","updated_at":"2026-06-13T00:01:29.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":16,"packages":[{"name":"prismjs","old_version":"1.27.0","new_version":"removed","repository_url":"https://github.com/PrismJS/prism"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"handlebars","old_version":"4.7.7","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"ws","old_version":"8.11.0","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.20.11","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"express","old_version":"4.18.2","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"min-document","old_version":"2.19.0","new_version":"2.19.2","repository_url":"https://github.com/Raynos/min-document"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 11 updates in the /storybook directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [prismjs](https://github.com/PrismJS/prism) | `1.27.0` | `removed` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.5` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.7` | `4.7.9` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [ws](https://github.com/websockets/ws) | `8.11.0` | `8.21.0` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.20.11` | `7.29.7` |\n| [express](https://github.com/expressjs/express) | `4.18.2` | `4.22.2` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [min-document](https://github.com/Raynos/min-document) | `2.19.0` | `2.19.2` |\n\n\nRemoves `prismjs`\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck migration guide in \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/docs\"\u003edocs\u003c/a\u003e for details of all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 3.0.1 to 3.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.4...v3.0.5\"\u003ev3.0.5\u003c/a\u003e - 2026-06-12\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] escape CR, LF, and \u003ccode\u003e\u0026quot;\u003c/code\u003e in field names and filenames \u003ca href=\"https://github.com/form-data/form-data/commit/8777e67fbd0282d3dcba81f974fbdd91062c5b23\"\u003e\u003ccode\u003e8777e67\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/27c61a5deed84798be105c96605cb8bd00502dcd\"\u003e\u003ccode\u003e27c61a5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/6a8a1c6d04da36e15c80b16ecc4c0265082b3213\"\u003e\u003ccode\u003e6a8a1c6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.3...v3.0.4\"\u003ev3.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] update linting config \u003ca href=\"https://github.com/form-data/form-data/commit/f5e7eb024bc3fc7e2074ff80f143a4f4cbc1dbda\"\u003e\u003ccode\u003ef5e7eb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/1a78b5dd05e508d67e97764d812ac7c6d92ea88d\"\u003e\u003ccode\u003e1a78b5d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/b22a64ef94ba4f3f6ff7d1ac72a54cca128567df\"\u003e\u003ccode\u003eb22a64e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/11d9f7338f18a59b431832a3562b49baece0a432\"\u003e\u003ccode\u003e11d9f73\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.2...v3.0.3\"\u003ev3.0.3\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eObject.prototype.hasOwnProperty.call\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/7fecefe4ba8f775634aff86a698776ad95ecffb5\"\u003e\u003ccode\u003e7fecefe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e, \u003ccode\u003ecoveralls\u003c/code\u003e, \u003ccode\u003ecross-spawn\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003eformidable\u003c/code\u003e, \u003ccode\u003ein-publish\u003c/code\u003e, \u003ccode\u003epkgfiles\u003c/code\u003e, \u003ccode\u003epre-commit\u003c/code\u003e, \u003ccode\u003epuppeteer\u003c/code\u003e, \u003ccode\u003erequest\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypescript\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/8261fcb8bf5944d30ae3bd04b91b71d6a9932ef4\"\u003e\u003ccode\u003e8261fcb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/form-data/form-data/commit/b82f59093cdbadb4b7ec0922d33ae7ab048b82ff\"\u003e\u003ccode\u003eb82f590\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] pin \u003ccode\u003erequest\u003c/code\u003e which via \u003ccode\u003etough-cookie\u003c/code\u003e ^2.4 depends on \u003ccode\u003epsl\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/e5df7f24383342264bd73dee3274818a40d04065\"\u003e\u003ccode\u003ee5df7f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5a5bafee894fead10da49e1fa2b084e17f2e1034\"\u003e\u003ccode\u003e5a5bafe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.2\"\u003ev3.0.2\u003c/a\u003e - 2024-10-10\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/be3f3cf553978bac15a5182f1f3c3d2d38ccf229\"\u003e\u003ccode\u003ebe3f3cf\u003c/code\u003e\u003c/a\u003e v3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/6a8a1c6d04da36e15c80b16ecc4c0265082b3213\"\u003e\u003ccode\u003e6a8a1c6\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003ehasown\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/27c61a5deed84798be105c96605cb8bd00502dcd\"\u003e\u003ccode\u003e27c61a5\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/8777e67fbd0282d3dcba81f974fbdd91062c5b23\"\u003e\u003ccode\u003e8777e67\u003c/code\u003e\u003c/a\u003e [Fix] escape CR, LF, and \u003ccode\u003e\u0026quot;\u003c/code\u003e in field names and filenames\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/9c82fcdf0858b2764060a87803a55375ffbee6ed\"\u003e\u003ccode\u003e9c82fcd\u003c/code\u003e\u003c/a\u003e v3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.7.7 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md\"\u003ehandlebars's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9 - March 26th, 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8 - July 27th, 2023\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/dce542c9a660048d31f0981ac8a45c08b919bddb\"\u003e\u003ccode\u003edce542c\u003c/code\u003e\u003c/a\u003e v4.7.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8a41389ba5b2624b6f43a5463d8e2533b843a562\"\u003e\u003ccode\u003e8a41389\u003c/code\u003e\u003c/a\u003e Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2\"\u003e\u003ccode\u003e68d8df5\u003c/code\u003e\u003c/a\u003e Fix security issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/b2a083136b11e1da9f0f47a11f749a9830a49328\"\u003e\u003ccode\u003eb2a0831\u003c/code\u003e\u003c/a\u003e Fix browser tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/9f98c1629834abf8de5a127caff8a2eab03d2c12\"\u003e\u003ccode\u003e9f98c16\u003c/code\u003e\u003c/a\u003e Fix release script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/45443b4290475dfb7cec32a85d344f12ab345eb9\"\u003e\u003ccode\u003e45443b4\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Improve partial indenting performance\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8841a5f6d35096aee95d68e1e49636a4cb5c661e\"\u003e\u003ccode\u003e8841a5f\u003c/code\u003e\u003c/a\u003e Fix CI errors with linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e0137c26f2202593bca7cc25184e733e87d54709\"\u003e\u003ccode\u003ee0137c2\u003c/code\u003e\u003c/a\u003e fix: enable shell mode for spawn to resolve Windows EINVAL issue\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e914d6037ffb0dd371f7e4823cdb019732ae66d7\"\u003e\u003ccode\u003ee914d60\u003c/code\u003e\u003c/a\u003e Improve rendering performance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/7de4b41c344a5d702edca93d1841b59642fa32bd\"\u003e\u003ccode\u003e7de4b41\u003c/code\u003e\u003c/a\u003e Upgrade GitHub Actions checkout and setup-node on 4.x branch\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jaylinski\"\u003ejaylinski\u003c/a\u003e, a new releaser for handlebars since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `on-headers` from 1.0.2 to 1.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/on-headers/releases\"\u003eon-headers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.1.0\u003c/h2\u003e\n\u003ch2\u003eImportant\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-7339\"\u003eCVE-2025-7339\u003c/a\u003e (\u003ca href=\"https://github.com/jshttp/on-headers/security/advisories/GHSA-76c9-3jph-rj3q\"\u003eGHSA-76c9-3jph-rj3q\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate CI pipeline to GitHub actions by \u003ca href=\"https://github.com/carpasse\"\u003e\u003ccode\u003e@​carpasse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jshttp/on-headers/pull/12\"\u003ejshttp/on-headers#12\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix README.md badges by \u003ca href=\"https://github.com/carpasse\"\u003e\u003ccode\u003e@​carpasse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jshttp/on-headers/pull/13\"\u003ejshttp/on-headers#13\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eadd OSSF scorecard action by \u003ca href=\"https://github.com/carpasse\"\u003e\u003ccode\u003e@​carpasse\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jshttp/on-headers/pull/14\"\u003ejshttp/on-headers#14\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: use \u003ccode\u003eubuntu-latest\u003c/code\u003e as ci runner by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jshttp/on-headers/pull/19\"\u003ejshttp/on-headers#19\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: apply OSSF Scorecard security best practices by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jshttp/on-headers/pull/20\"\u003ejshttp/on-headers#20\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e👷 add upstream change detection by \u003ca href=\"https://github.com/ctcpip\"\u003e\u003ccode\u003e@​ctcpip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jshttp/on-headers/pull/31\"\u003ejshttp/on-headers#31\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e✨ add script to update known hashes by \u003ca href=\"https://github.com/ctcpip\"\u003e\u003ccode\u003e@​ctcpip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jshttp/on-headers/pull/32\"\u003ejshttp/on-headers#32\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e💚 update CI - add newer node versions by \u003ca href=\"https://github.com/ctcpip\"\u003e\u003ccode\u003e@​ctcpip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jshttp/on-headers/pull/33\"\u003ejshttp/on-headers#33\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/carpasse\"\u003e\u003ccode\u003e@​carpasse\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jshttp/on-headers/pull/12\"\u003ejshttp/on-headers#12\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jshttp/on-headers/pull/19\"\u003ejshttp/on-headers#19\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ctcpip\"\u003e\u003ccode\u003e@​ctcpip\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jshttp/on-headers/pull/31\"\u003ejshttp/on-headers#31\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jshttp/on-headers/compare/v1.0.2...v1.1.0\"\u003ehttps://github.com/jshttp/on-headers/compare/v1.0.2...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/on-headers/blob/master/HISTORY.md\"\u003eon-headers's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.1.0 / 2025-07-17\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-7339\"\u003eCVE-2025-7339\u003c/a\u003e (\u003ca href=\"https://github.com/jshttp/on-headers/security/advisories/GHSA-76c9-3jph-rj3q\"\u003eGHSA-76c9-3jph-rj3q\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/on-headers/commit/4b017af88f5375bbdf3ad2ee732d2c122e4f52b0\"\u003e\u003ccode\u003e4b017af\u003c/code\u003e\u003c/a\u003e 1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/on-headers/commit/b636f2d08e6c1e0a784b53a13cd61e05c09bb118\"\u003e\u003ccode\u003eb636f2d\u003c/code\u003e\u003c/a\u003e ♻️ refactor header array code\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/on-headers/commit/3e2c2d46c3e9592f6a1c3a3a1dbe622401f95d39\"\u003e\u003ccode\u003e3e2c2d4\u003c/code\u003e\u003c/a\u003e ✨ ignore falsy header keys, matching node behavior\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/on-headers/commit/172eb41b99a5a290b27a2c43fe602ca33aa1c8ce\"\u003e\u003ccode\u003e172eb41\u003c/code\u003e\u003c/a\u003e ✨ support duplicate headers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/on-headers/commit/c6e384908c9c6127d18831d16ab0bd96e1231867\"\u003e\u003ccode\u003ec6e3849\u003c/code\u003e\u003c/a\u003e 🔒️ fix array handling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/on-headers/commit/6893518341bb4e5363285df086b3158302d3b216\"\u003e\u003ccode\u003e6893518\u003c/code\u003e\u003c/a\u003e 💚 update CI - add newer node versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/on-headers/commit/56a345d82b51a0dcb8d09f061f87b1fd1dc4c01e\"\u003e\u003ccode\u003e56a345d\u003c/code\u003e\u003c/a\u003e ✨ add script to update known hashes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/on-headers/commit/175ab217155d525371a5416ff059f895a3a532a6\"\u003e\u003ccode\u003e175ab21\u003c/code\u003e\u003c/a\u003e 👷 add upstream change detection (\u003ca href=\"https://redirect.github.com/jshttp/on-headers/issues/31\"\u003e#31\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/on-headers/commit/ce0b2c8fcd313d38d3534fb731050dc16e105bf6\"\u003e\u003ccode\u003ece0b2c8\u003c/code\u003e\u003c/a\u003e ci: apply OSSF Scorecard security best practices (\u003ca href=\"https://redirect.github.com/jshttp/on-headers/issues/20\"\u003e#20\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/on-headers/commit/1a38c543e75cd06217b449531de10b1758e35299\"\u003e\u003ccode\u003e1a38c54\u003c/code\u003e\u003c/a\u003e fix: use \u003ccode\u003eubuntu-latest\u003c/code\u003e as ci runner (\u003ca href=\"https://redirect.github.com/jshttp/on-headers/issues/19\"\u003e#19\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/on-headers/compare/v1.0.2...v1.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for on-headers since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.11.0 to 8.21.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.21.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduced the \u003ccode\u003emaxBufferedChunks\u003c/code\u003e and \u003ccode\u003emaxFragments\u003c/code\u003e options (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a remote memory exhaustion DoS vulnerability (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eA high volume of tiny fragments and data chunks could be sent by a peer, using\nmodest network traffic, to crash a \u003ccode\u003ews\u003c/code\u003e server or client due to OOM.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer({ port: 0 }, function () {\nconst data = Buffer.alloc(1);\nconst options = { fin: false };\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e);\u003c/p\u003e\n\u003cp\u003ews.on('open', function () {\n(function send() {\nws.send(data, options, function (err) {\nif (err) return;\nsend();\n});\n})();\n});\u003c/p\u003e\n\u003cp\u003ews.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eclient close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eserver close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe vulnerability was responsibly disclosed and fixed by \u003ca href=\"https://github.com/Nadav0077\"\u003eNadav Magier\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eIn vulnerable versions, the issue can be mitigated by lowering the value of the\n\u003ccode\u003emaxPayload\u003c/code\u003e option if possible.\u003c/p\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/bca91adf15677e47dbe4f959653452727be28b94\"\u003e\u003ccode\u003ebca91ad\u003c/code\u003e\u003c/a\u003e [dist] 8.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/2b2abd458a1b647d0b6033bd62a619c36189839a\"\u003e\u003ccode\u003e2b2abd4\u003c/code\u003e\u003c/a\u003e [security] Limit retained message parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/78eabe2a6677b231bf9c82601bde86ff91639490\"\u003e\u003ccode\u003e78eabe2\u003c/code\u003e\u003c/a\u003e [security] Add latest vulnerability to SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/843925544e2f4cffe445e0179947f56d6c5b608f\"\u003e\u003ccode\u003e8439255\u003c/code\u003e\u003c/a\u003e [dist] 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d3503c1fd36a310985108f62b343bae18346ab67\"\u003e\u003ccode\u003ed3503c1\u003c/code\u003e\u003c/a\u003e [minor] Export the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and header utils\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.11.0...8.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.20.11 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.18.2 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.18.2...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 0.1.7 to 0.1.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.1.13\u003c/h2\u003e\n\u003ch2\u003eImportant\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4867\"\u003eCVE-2026-4867\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-37ch-88jc-xwx2\"\u003eGHSA-37ch-88jc-xwx2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eFix backtracking (again)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImproved backtracking protection for 0.1.x, will break some previously valid paths (see previous advisory: \u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j\"\u003ehttps://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.11...v0.1.12\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.11...v0.1.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eError on bad input\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd error on bad input values  8f09549\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.10...v0.1.11\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.10...v0.1.11\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eBacktrack protection\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to parameters  29b96b4\n\u003cul\u003e\n\u003cli\u003eThis will break some edge cases but should improve performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.9...v0.1.10\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.9...v0.1.10\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eSupport non-lookahead regex output\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow a non-lookahead regex (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/312\"\u003e#312\u003c/a\u003e)  c4272e4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/component/path-to-regexp/compare/v0.1.8...v0.1.9\"\u003ehttps://github.com/component/path-to-regexp/compare/v0.1.8...v0.1.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eSupport named matching groups in \u003ccode\u003eRegExp\u003c/code\u003e\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for named matching groups (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/301\"\u003e#301\u003c/a\u003e)  114f62d\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v0.1.8\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v0.1.8\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/blob/v.0.1.13/History.md\"\u003epath-to-regexp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.1.13 / 2026-03-26\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4867\"\u003eCVE-2026-4867\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-37ch-88jc-xwx2\"\u003eGHSA-37ch-88jc-xwx2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/9fd0c879f232c2464591f56dd7c7edad7f45b4e0\"\u003e\u003ccode\u003e9fd0c87\u003c/code\u003e\u003c/a\u003e 0.1.13 (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/425\"\u003e#425\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/7ccf02cee33402f06ed2125085992ee9cd3a7c45\"\u003e\u003ccode\u003e7ccf02c\u003c/code\u003e\u003c/a\u003e fix: CVE-2026-4867\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/640e694c6fd971f78268439df9cf44040855e669\"\u003e\u003ccode\u003e640e694\u003c/code\u003e\u003c/a\u003e 0.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4\"\u003e\u003ccode\u003ef01c26a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/0c7119248b7cb528a0aea3ba45ed4e2db007cba4\"\u003e\u003ccode\u003e0c71192\u003c/code\u003e\u003c/a\u003e 0.1.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/8f095497d678c2ec3495a99ab3928748731e73ee\"\u003e\u003ccode\u003e8f09549\u003c/code\u003e\u003c/a\u003e Add error on bad input values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c827fcea751b2e9ec6ca68a1b95a82e438728868\"\u003e\u003ccode\u003ec827fce\u003c/code\u003e\u003c/a\u003e 0.1.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f\"\u003e\u003ccode\u003e29b96b4\u003c/code\u003e\u003c/a\u003e Add backtrack protection to parameters\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/ac4c2345622a10a09c7ec229e3c29740935d67d7\"\u003e\u003ccode\u003eac4c234\u003c/code\u003e\u003c/a\u003e Update repo url (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/bdb663527106d51f149b12f74fca1018c20c8a53\"\u003e\u003ccode\u003ebdb6635\u003c/code\u003e\u003c/a\u003e 0.1.9\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v.0.1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for path-to-regexp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.11.0 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] ensure \u003ccode\u003earrayLimit\u003c/code\u003e applies to \u003ccode\u003e[]\u003c/code\u003e notation as well\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: when a custom decoder returns \u003ccode\u003enull\u003c/code\u003e for a key, ignore that key\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: extract key segment splitting helper\u003c/li\u003e\n\u003cli\u003e[meta] add threat model\u003c/li\u003e\n\u003cli\u003e[actions] add workflow permissions\u003c/li\u003e\n\u003cli\u003e[Tests] \u003ccode\u003estringify\u003c/code\u003e: increase coverage\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003efor-each\u003c/code\u003e, \u003ccode\u003eobject-inspect\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003ethrowOnParameterLimitExceeded\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/517\"\u003e#517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: use \u003ccode\u003eutils.combine\u003c/code\u003e more\u003c/li\u003e\n\u003cli\u003e[patch] \u003ccode\u003eparse\u003c/code\u003e: add explicit \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e default\u003c/li\u003e\n\u003cli\u003e[actions] use shared action; re-add finishers\u003c/li\u003e\n\u003cli\u003e[meta] Fix changelog formatting bug\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eside-channel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003ehas-bigints\u003c/code\u003e, \u003ccode\u003ehas-proto\u003c/code\u003e, \u003ccode\u003ehas-symbols\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e...\n\n_Description has been truncated_","html_url":"https://github.com/OneFineStarstuff/livecodes/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/OneFineStarstuff%2Flivecodes/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"}},{"old_version":"1.0.4","new_version":"1.0.7","update_type":"patch","path":null,"pr_created_at":"2026-06-11T01:20:33.000Z","version_change":"1.0.4 → 1.0.7","issue":{"uuid":"4636351831","node_id":"PR_kwDOD5lwbM7lHHFv","number":24,"state":"open","title":"Bump cipher-base from 1.0.4 to 1.0.7","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-11T01:20:33.000Z","updated_at":"2026-06-11T01:20:40.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"}],"path":null,"ecosystem":"npm"},"body":"Bumps [cipher-base](https://github.com/crypto-browserify/cipher-base) from 1.0.4 to 1.0.7.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cipher-base\u0026package-manager=npm_and_yarn\u0026previous-version=1.0.4\u0026new-version=1.0.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/geolonia/download.geolonia.com/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/geolonia/download.geolonia.com/pull/24","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/geolonia%2Fdownload.geolonia.com/issues/24","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/24/packages"}},{"old_version":"1.0.4","new_version":"1.0.7","update_type":"patch","path":null,"pr_created_at":"2026-06-10T15:34:51.000Z","version_change":"1.0.4 → 1.0.7","issue":{"uuid":"4632678706","node_id":"PR_kwDOQIL6Ks7k7Ec0","number":1,"state":"closed","title":"build(deps): bump the npm_and_yarn group across 1 directory with 16 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-11T01:25:38.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-10T15:34:51.000Z","updated_at":"2026-06-11T01:25:40.000Z","time_to_close":35447,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"npm_and_yarn","update_count":16,"packages":[{"name":"@babel/runtime","old_version":"7.17.8","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"base-x","old_version":"3.0.9","new_version":"3.0.11","repository_url":"https://github.com/cryptocoinjs/base-x"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.15","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"cross-spawn","old_version":"7.0.3","new_version":"7.0.6","repository_url":"https://github.com/moxystudio/node-cross-spawn"},{"name":"follow-redirects","old_version":"1.14.9","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.6","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"protocol-buffers-schema","old_version":"3.6.0","new_version":"3.6.1","repository_url":"https://github.com/mafintosh/protocol-buffers-schema"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar-fs","old_version":"1.16.3","new_version":"1.16.6","repository_url":"https://github.com/mafintosh/tar-fs"},{"name":"tmp","old_version":"0.2.1","new_version":"0.2.7","repository_url":"https://github.com/raszi/node-tmp"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 16 updates in the /subgraphs/yeti-finance directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.17.8` | `7.29.7` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [base-x](https://github.com/cryptocoinjs/base-x) | `3.0.9` | `3.0.11` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.15` |\n| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.9` | `1.16.0` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.6` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [protocol-buffers-schema](https://github.com/mafintosh/protocol-buffers-schema) | `3.6.0` | `3.6.1` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `1.16.3` | `1.16.6` |\n| [tmp](https://github.com/raszi/node-tmp) | `0.2.1` | `0.2.7` |\n\n\nUpdates `@babel/runtime` from 7.17.8 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/runtime's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cac0ff4c3426eed30b4d27e7971b348da7c9f1e6\"\u003e\u003ccode\u003ecac0ff4\u003c/code\u003e\u003c/a\u003e v7.28.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/f68ac511f091f6d1f698e8ce59cd668d3bfc6102\"\u003e\u003ccode\u003ef68ac51\u003c/code\u003e\u003c/a\u003e chore: Avoid CITGM errors (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17382\"\u003e#17382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/baa4cb8b9f8a551d7dae9042b19ea2f74df6b110\"\u003e\u003ccode\u003ebaa4cb8\u003c/code\u003e\u003c/a\u003e v7.27.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/7d069309fdfcedda2928a043f6f7c98135c1242a\"\u003e\u003ccode\u003e7d06930\u003c/code\u003e\u003c/a\u003e v7.27.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/5b9468d9bf1ab4f427241673e9f03593da115a69\"\u003e\u003ccode\u003e5b9468d\u003c/code\u003e\u003c/a\u003e Reduce \u003ccode\u003eregenerator\u003c/code\u003e size more (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17287\"\u003e#17287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-runtime\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/runtime\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.15.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `base-x` from 3.0.9 to 3.0.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/043a888a9bae09bc4b40500e37792e2c6398e9f2\"\u003e\u003ccode\u003e043a888\u003c/code\u003e\u003c/a\u003e 3.0.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/2705dddd2565b455641985974b534291d8defb31\"\u003e\u003ccode\u003e2705ddd\u003c/code\u003e\u003c/a\u003e [backport 3.x] Prohibit char codes that would overflow the \u003ccode\u003eBASE_MAP\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/3d43c0e16bfbc045a0a8bb6423e6e336df81b512\"\u003e\u003ccode\u003e3d43c0e\u003c/code\u003e\u003c/a\u003e 3.0.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/0a3544695fa6800649a8b78ed46cece61bcdbbe5\"\u003e\u003ccode\u003e0a35446\u003c/code\u003e\u003c/a\u003e Improve decoding performance\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cryptocoinjs/base-x/compare/v3.0.9...v3.0.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `braces` from 3.0.2 to 3.0.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/74b2db2938fad48a2ea54a9c8bf27a37a62c350d\"\u003e\u003ccode\u003e74b2db2\u003c/code\u003e\u003c/a\u003e 3.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/88f1429a0f47e1dd3813de35211fc97ffda27f9e\"\u003e\u003ccode\u003e88f1429\u003c/code\u003e\u003c/a\u003e update eslint. lint, fix unit tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff\"\u003e\u003ccode\u003e415d660\u003c/code\u003e\u003c/a\u003e Snyk js braces 6838727 (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/40\"\u003e#40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/190510f79db1adf21d92798b0bb6fccc1f72c9d6\"\u003e\u003ccode\u003e190510f\u003c/code\u003e\u003c/a\u003e fix tests, skip 1 test in test/braces.expand\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/716eb9f12d820b145a831ad678618731927e8856\"\u003e\u003ccode\u003e716eb9f\u003c/code\u003e\u003c/a\u003e readme bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/a5851e57f45c3431a94d83fc565754bc10f5bbc3\"\u003e\u003ccode\u003ea5851e5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/braces/issues/37\"\u003e#37\u003c/a\u003e from coderaiser/fix/vulnerability\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/2092bd1fb108d2c59bd62e243b70ad98db961538\"\u003e\u003ccode\u003e2092bd1\u003c/code\u003e\u003c/a\u003e feature: braces: add maxSymbols (\u003ca href=\"https://github.com/micromatch/braces/issues/\"\u003ehttps://github.com/micromatch/braces/issues/\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/9f5b4cf47329351bcb64287223ffb6ecc9a5e6d3\"\u003e\u003ccode\u003e9f5b4cf\u003c/code\u003e\u003c/a\u003e fix: vulnerability (\u003ca href=\"https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\"\u003ehttps://security.snyk.io/vuln/SNYK-JS-BRACES-6838727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/98414f9f1fabe021736e26836d8306d5de747e0d\"\u003e\u003ccode\u003e98414f9\u003c/code\u003e\u003c/a\u003e remove funding file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/braces/commit/665ab5d561c017a38ba7aafd92cc6655b91d8c14\"\u003e\u003ccode\u003e665ab5d\u003c/code\u003e\u003c/a\u003e update keepEscaping doc (\u003ca href=\"https://redirect.github.com/micromatch/braces/issues/27\"\u003e#27\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/braces/compare/3.0.2...3.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cross-spawn` from 7.0.3 to 7.0.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md\"\u003ecross-spawn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.5...v7.0.6\"\u003e7.0.6\u003c/a\u003e (2024-11-18)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate cross-spawn version to 7.0.5 in package-lock.json (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003ef700743\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.4...v7.0.5\"\u003e7.0.5\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix escaping bug introduced by backtracking (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e640d391\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.4\"\u003e7.0.4\u003c/a\u003e (2024-11-07)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e) (\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e5ff3a07\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/77cd97f3ca7b62c904a63a698fc4a79bf41977d0\"\u003e\u003ccode\u003e77cd97f\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/6717de49ff1e5de49622488dcb9c33fb25370c85\"\u003e\u003ccode\u003e6717de4\u003c/code\u003e\u003c/a\u003e chore: upgrade standard-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/f700743918d901eff92960e15a8dd68f87bd4176\"\u003e\u003ccode\u003ef700743\u003c/code\u003e\u003c/a\u003e fix: update cross-spawn version to 7.0.5 in package-lock.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9a7e3b2165917367f74b8365faad9873b30d7263\"\u003e\u003ccode\u003e9a7e3b2\u003c/code\u003e\u003c/a\u003e chore: fix build status badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/085268352dcbcad8064c64c5efb25268b4023184\"\u003e\u003ccode\u003e0852683\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f\"\u003e\u003ccode\u003e640d391\u003c/code\u003e\u003c/a\u003e fix: fix escaping bug introduced by backtracking\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/bff0c87c8b627c4e6d04ec2449e733048bebb464\"\u003e\u003ccode\u003ebff0c87\u003c/code\u003e\u003c/a\u003e chore: remove codecov\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/a7c6abc6fee79641d45b452fe6217deaa1bd0973\"\u003e\u003ccode\u003ea7c6abc\u003c/code\u003e\u003c/a\u003e chore: replace travis with github workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/9b9246e0969e86656d7ccd527716bc3c18842a19\"\u003e\u003ccode\u003e9b9246e\u003c/code\u003e\u003c/a\u003e chore(release): 7.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff\"\u003e\u003ccode\u003e5ff3a07\u003c/code\u003e\u003c/a\u003e fix: disable regexp backtracking (\u003ca href=\"https://redirect.github.com/moxystudio/node-cross-spawn/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.14.9 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.14.9...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 3.1.5\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7bba97888a27a6162983056bcce2a6e28f668712\"\u003e\u003ccode\u003e7bba978\u003c/code\u003e\u003c/a\u003e 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/bd259425b2ca17b42897997f93e890314155522d\"\u003e\u003ccode\u003ebd25942\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a9c27c75725474dbde57db2995b6281b267756d\"\u003e\u003ccode\u003e1a9c27c\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pbkdf2` from 3.1.2 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md\"\u003epbkdf2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.5...v3.1.6\"\u003ev3.1.6\u003c/a\u003e - 2026-05-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[New] add TypeScript type declarations \u003ca href=\"https://github.com/browserify/pbkdf2/commit/fb1f74746f8f1ab171d7d43ede48eeca9e694ce3\"\u003e\u003ccode\u003efb1f747\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] coerce \u003ccode\u003e-0\u003c/code\u003e keylen to \u003ccode\u003e+0\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7c4a4959142269cbfae8b1448e3a5848b84ac2f4\"\u003e\u003ccode\u003e7c4a495\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3cce1691f5021a70673ecb8833f729c1840cd38\"\u003e\u003ccode\u003ee3cce16\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix an error \u003ca href=\"https://github.com/browserify/pbkdf2/commit/f6b0e424257980e3331da18bd7d1ed3232d17afd\"\u003e\u003ccode\u003ef6b0e42\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix \u003ccode\u003enpm run postlint\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/b729629ca1ced08e42ecd5419a7971f20307ebb5\"\u003e\u003ccode\u003eb729629\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/5e0cf517d1124dd42df315b0cc5cc6219426350b\"\u003e\u003ccode\u003e5e0cf51\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/1c3b1f526b052a29b3b42120c9821895772df7e8\"\u003e\u003ccode\u003e1c3b1f5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge \u003ca href=\"https://github.com/browserify/pbkdf2/commit/528bd3861dda05e2d7e1ef7cbb724baca43766e3\"\u003e\u003ccode\u003e528bd38\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.4...v3.1.5\"\u003ev3.1.5\u003c/a\u003e - 2025-09-23\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] only allow finite iterations \u003ca href=\"https://github.com/browserify/pbkdf2/commit/67bd94dbbf21b93f5e282ee910728945c8ef2827\"\u003e\u003ccode\u003e67bd94d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] restore node 0.10 support \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8f59d962f71dcb2cc14067d7f514ff96e3406f81\"\u003e\u003ccode\u003e8f59d96\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] check parameters before the \u0026quot;no Promise\u0026quot; bailout \u003ca href=\"https://github.com/browserify/pbkdf2/commit/d2dc5f052cacadf3d4a09d87164158da875ca740\"\u003e\u003ccode\u003ed2dc5f0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.3...v3.1.4\"\u003ev3.1.4\u003c/a\u003e - 2025-09-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ecreate-hash\u003c/code\u003e, \u003ccode\u003eripemd160\u003c/code\u003e, \u003ccode\u003esha.js\u003c/code\u003e, \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8dbf49b38235066c565a92eaf3722720a1333a2d\"\u003e\u003ccode\u003e8dbf49b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] update repo URLs \u003ca href=\"https://github.com/browserify/pbkdf2/commit/d15bc351de0edbed394d2a6189176960aaa0d050\"\u003e\u003ccode\u003ed15bc35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/aaf870b1d1855e6a381af05021f304294a79f7c9\"\u003e\u003ccode\u003eaaf870b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.2...v3.1.3\"\u003ev3.1.3\u003c/a\u003e - 2025-06-20\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8b067308eedcc3b7da3e06202d437ff532de75bd\"\u003e\u003ccode\u003e8b06730\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix whitespace \u003ca href=\"https://github.com/browserify/pbkdf2/commit/9a76e2f37ef4541aeff92d97b7335b7fa6e989a8\"\u003e\u003ccode\u003e9a76e2f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix parens/curlies/semis/etc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/6fd84bf64a423d207d9e665f3e9fd88b148c4480\"\u003e\u003ccode\u003e6fd84bf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/796c38d428ed9546e7ddfbb38322faa99921d716\"\u003e\u003ccode\u003e796c38d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node 17 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/3661fb0156177bfe380c7bcc133917e7ee501bc7\"\u003e\u003ccode\u003e3661fb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;[Tests] fix tests in node \u0026lt; 3\u0026quot; \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7431b5766805cbf880c1b3d0f38d484357844ff7\"\u003e\u003ccode\u003e7431b57\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node \u0026lt; 3 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/eb9f97a66ed83836bebc4ff563a1588248708501\"\u003e\u003ccode\u003eeb9f97a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] ensure unknown algorithms throw + known ones match node \u003ca href=\"https://github.com/browserify/pbkdf2/commit/26d4fd391e00ed806840ea1ef7341937985f4ba8\"\u003e\u003ccode\u003e26d4fd3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add GHA, always run nyc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/513906a735e80a0e125e1a3363c5dbe90bb34bb7\"\u003e\u003ccode\u003e513906a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix a few more rules \u003ca href=\"https://github.com/browserify/pbkdf2/commit/ab04da834a0342cb3779486314fa67ebc1e3f035\"\u003e\u003ccode\u003eab04da8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] switch to eslint \u003ca href=\"https://github.com/browserify/pbkdf2/commit/89694cf7e4062a8c924fbe74ad2b2d3cf78f1715\"\u003e\u003ccode\u003e89694cf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add coverage \u003ca href=\"https://github.com/browserify/pbkdf2/commit/d0d534bfdc4db6d6ea9f719606ad18a78db6c124\"\u003e\u003ccode\u003ed0d534b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb\"\u003e\u003ccode\u003ee3102a8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] improve badges \u003ca href=\"https://github.com/browserify/pbkdf2/commit/fca0c9d4c5b053d911315a3607367d1db9f9f605\"\u003e\u003ccode\u003efca0c9d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] remove unused travis file \u003ca href=\"https://github.com/browserify/pbkdf2/commit/a2c7d93bbcad73c49dad0c18fef6b8a4af8c3310\"\u003e\u003ccode\u003ea2c7d93\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] switch from \u003ccode\u003efiles\u003c/code\u003e to \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7f31fbca528fa5af3b7d3910daf09a7e5ed8adb4\"\u003e\u003ccode\u003e7f31fbc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] use .nycrc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8d628e8d5559b4acd4d4a714afb04a2990f901b7\"\u003e\u003ccode\u003e8d628e8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/ea4768bd09be327904b4ac075d9328c7c7ee2404\"\u003e\u003ccode\u003eea4768b\u003c/code\u003e\u003c/a\u003e v3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/b729629ca1ced08e42ecd5419a7971f20307ebb5\"\u003e\u003ccode\u003eb729629\u003c/code\u003e\u003c/a\u003e [Tests] fix \u003ccode\u003enpm run postlint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/7c4a4959142269cbfae8b1448e3a5848b84ac2f4\"\u003e\u003ccode\u003e7c4a495\u003c/code\u003e\u003c/a\u003e [Fix] coerce \u003ccode\u003e-0\u003c/code\u003e keylen to \u003ccode\u003e+0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/5e0cf517d1124dd42df315b0cc5cc6219426350b\"\u003e\u003ccode\u003e5e0cf51\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/1c3b1f526b052a29b3b42120c9821895772df7e8\"\u003e\u003ccode\u003e1c3b1f5\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3cce1691f5021a70673ecb8833f729c1840cd38\"\u003e\u003ccode\u003ee3cce16\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/f6b0e424257980e3331da18bd7d1ed3232d17afd\"\u003e\u003ccode\u003ef6b0e42\u003c/code\u003e\u003c/a\u003e [eslint] fix an error\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/fb1f74746f8f1ab171d7d43ede48eeca9e694ce3\"\u003e\u003ccode\u003efb1f747\u003c/code\u003e\u003c/a\u003e [New] add TypeScript type declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/528bd3861dda05e2d7e1ef7cbb724baca43766e3\"\u003e\u003ccode\u003e528bd38\u003c/code\u003e\u003c/a\u003e [readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/36879052911703147a6dfa5e97422126bf3cda5b\"\u003e\u003ccode\u003e3687905\u003c/code\u003e\u003c/a\u003e v3.1.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.2...v3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for pbkdf2 since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protocol-buffers-schema` from 3.6.0 to 3.6.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/protocol-buffers-schema/commit/46c34bd3199aa1e32374a1af59d02413b9ea197a\"\u003e\u003ccode\u003e46c34bd\u003c/code\u003e\u003c/a\u003e 3.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/protocol-buffers-schema/commit/2351031dd6f1d58930b8e46548e91b1e96f7c20c\"\u003e\u003ccode\u003e2351031\u003c/code\u003e\u003c/a\u003e Fixed parse.js to prevent Prototype Pollution (\u003ca href=\"https://redirect.github.com/mafintosh/protocol-buffers-schema/issues/70\"\u003e#70\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mafintosh/protocol-buffers-schema/compare/v3.6.0...v3.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sha.js` from 2.4.11 to 2.4.12\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/sha.js/blob/master/CHANGELOG.md\"\u003esha.js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/sha.js/compare/v2.4.11...v2.4.12\"\u003ev2.4.12\u003c/a\u003e - 2025-07-01\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] switch to eslint \u003ca href=\"https://github.com/browserify/sha.js/commit/7acadfbd3abb558880212b20669fcb09e1aa1c58\"\u003e\u003ccode\u003e7acadfb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/b46e7116ebeaa82f34bbf2d7494fff7ef46eab3e\"\u003e\u003ccode\u003eb46e711\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix package.json indentation \u003ca href=\"https://github.com/browserify/sha.js/commit/df9d521e16ddf55dc877c43c05706d43c057fad4\"\u003e\u003ccode\u003edf9d521\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/sha.js/commit/c43c64adc6d3607d470538df72338fc02e63bc24\"\u003e\u003ccode\u003ec43c64a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] support multi-byte wide typed arrays \u003ca href=\"https://github.com/browserify/sha.js/commit/f2a258e9f2d0fcd113bfbaa49706e1ac0d979ba5\"\u003e\u003ccode\u003ef2a258e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] reorder package.json \u003ca href=\"https://github.com/browserify/sha.js/commit/d8d77c0a729c99593e304047f9d4335b498fd9ed\"\u003e\u003ccode\u003ed8d77c0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/35aec35c667b606b2495be3e4186bbe977b9e087\"\u003e\u003ccode\u003e35aec35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] avoid console logs \u003ca href=\"https://github.com/browserify/sha.js/commit/73e33ae0ca6bca232627cac7473028e1d218f67e\"\u003e\u003ccode\u003e73e33ae\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests run in batch \u003ca href=\"https://github.com/browserify/sha.js/commit/262913006e94616c8cd245ef6bd61bc4410b29e3\"\u003e\u003ccode\u003e2629130\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] drop node requirement to 0.10 \u003ca href=\"https://github.com/browserify/sha.js/commit/00c7f234aa3bdbd427ffeb929bacbb05334eb3e9\"\u003e\u003ccode\u003e00c7f23\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ebuffer\u003c/code\u003e, \u003ccode\u003ehash-test-vectors\u003c/code\u003e, \u003ccode\u003estandard\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypedarray\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/92b5de5f67472d9f18413d38ad5b9aba29ff4c22\"\u003e\u003ccode\u003e92b5de5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] drop node requirement to v3 \u003ca href=\"https://github.com/browserify/sha.js/commit/9b5eca80fd9bb21cf05bdf43ce42661f1bbafeaa\"\u003e\u003ccode\u003e9b5eca8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] set engines to \u003ccode\u003e\u0026amp;gt;= 4\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/807084c5c0f943459e89838252cafbd175b549b7\"\u003e\u003ccode\u003e807084c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/sha.js/commit/c72789c7a129cf453d44008ba27a88b90ac7989b\"\u003e\u003ccode\u003ec72789c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/5428cfc6f7177ad1a41c837b9387308848db96de\"\u003e\u003ccode\u003e5428cfc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/2dbe0aab419e90add5032c70c9663b8fc562adb8\"\u003e\u003ccode\u003e2dbe0aa\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate README to reflect LICENSE \u003ca href=\"https://github.com/browserify/sha.js/commit/8938256dbb2241a7c749e4a399dbaff48cbe8e95\"\u003e\u003ccode\u003e8938256\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/sha.js/commit/d52889688ce524e63570f35e448635a29e6dd791\"\u003e\u003ccode\u003ed528896\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused \u003ccode\u003ebuffer\u003c/code\u003e dep \u003ca href=\"https://github.com/browserify/sha.js/commit/94ca7247f467ef045f41d534708bf7c700e03828\"\u003e\u003ccode\u003e94ca724\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/eb4ea2fd3da93d41e250f9ac8a1a133ce450e0a2\"\u003e\u003ccode\u003eeb4ea2f\u003c/code\u003e\u003c/a\u003e v2.4.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/d8d77c0a729c99593e304047f9d4335b498fd9ed\"\u003e\u003ccode\u003ed8d77c0\u003c/code\u003e\u003c/a\u003e [meta] reorder package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/df9d521e16ddf55dc877c43c05706d43c057fad4\"\u003e\u003ccode\u003edf9d521\u003c/code\u003e\u003c/a\u003e [eslint] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/35aec35c667b606b2495be3e4186bbe977b9e087\"\u003e\u003ccode\u003e35aec35\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/d52889688ce524e63570f35e448635a29e6dd791\"\u003e\u003ccode\u003ed528896\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing peer dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/b46e7116ebeaa82f34bbf2d7494fff7ef46eab3e\"\u003e\u003ccode\u003eb46e711\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/94ca7247f467ef045f41d534708bf7c700e03828\"\u003e\u003ccode\u003e94ca724\u003c/code\u003e\u003c/a\u003e [Dev Deps] remove unused \u003ccode\u003ebuffer\u003c/code\u003e dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/2dbe0aab419e90add5032c70c9663b8fc562adb8\"\u003e\u003ccode\u003e2dbe0aa\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/73e33ae0ca6bca232627cac7473028e1d218f67e\"\u003e\u003ccode\u003e73e33ae\u003c/code\u003e\u003c/a\u003e [Tests] avoid console logs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/sha.js/commit/f2a258e9f2d0fcd113bfbaa49706e1ac0d979ba5\"\u003e\u003ccode\u003ef2a258e\u003c/code\u003e\u003c/a\u003e [Fix] support multi-byte wide typed arrays\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/sha.js/compare/v2.4.11...v2.4.12\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for sha.js since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar-fs` from 1.16.3 to 1.16.6\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/6c89b946d0f0043f94a7deb8820f7c3922bc2568\"\u003e\u003ccode\u003e6c89b94\u003c/code\u003e\u003c/a\u003e 1.16.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/4884466fee755d3e462ea9390748a1bf802cdfde\"\u003e\u003ccode\u003e4884466\u003c/code\u003e\u003c/a\u003e refactor to same pattern as v3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/3c6eddb6008d14f4ca83a439dd432263d29ecb0f\"\u003e\u003ccode\u003e3c6eddb\u003c/code\u003e\u003c/a\u003e 1.16.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/c5e7d961a50aaa9614fba3019516227756ea63b6\"\u003e\u003ccode\u003ec5e7d96\u003c/code\u003e\u003c/a\u003e hardlink tweak from main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/ff6510d7ba63b6ee200442b80f4326f369e7d4bd\"\u003e\u003ccode\u003eff6510d\u003c/code\u003e\u003c/a\u003e 1.16.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/tar-fs/commit/df4bca54402e1f03bcbee0bb8ccbe3c4ca84636e\"\u003e\u003ccode\u003edf4bca5\u003c/code\u003e\u003c/a\u003e port fix from main\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mafintosh/tar-fs/compare/v1.16.3...v1.16.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tmp` from 0.2.1 to 0.2.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/raszi/node-tmp/blob/master/CHANGELOG.md\"\u003etmp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.2.2 (2024-02-28)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/raszi/node-tmp/pull/278\"\u003e#278\u003c/a\u003e Closes \u003ca href=\"https://redirect.github.com/raszi/node-tmp/issues/268\"\u003e#268\u003c/a\u003e: Revert \u0026quot;fix \u003ca href=\"https://redirect.github.com/raszi/node-tmp/issues/246\"\u003e#246\u003c/a\u003e: remove any double quotes or single quotes… (\u003ca href=\"https://github.com/mbargiel\"\u003e\u003ccode\u003e@​mbargiel\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:memo: Documentation\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/raszi/node-tmp/pull/279\"\u003e#279\u003c/a\u003e Closes \u003ca href=\"https://redirect.github.com/raszi/node-tmp/issues/266\"\u003e#266\u003c/a\u003e: move paragraph on graceful cleanup to the head of the documentation (\u003ca href=\"https://github.com/silkentrance\"\u003e\u003ccode\u003e@​silkentrance\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 5\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCarsten Klein (\u003ca href=\"https://github.com/silkentrance\"\u003e\u003ccode\u003e@​silkentrance\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDave Nicolson (\u003ca href=\"https://github.com/dnicolson\"\u003e\u003ccode\u003e@​dnicolson\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eKARASZI István (\u003ca href=\"https://github.com/raszi\"\u003e\u003ccode\u003e@​raszi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMaxime Bargiel (\u003ca href=\"https://github.com/mbargiel\"\u003e\u003ccode\u003e@​mbargiel\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/robertoaceves\"\u003e\u003ccode\u003e@​robertoaceves\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/8ea1f37d75c67569e0f151448330d52f7babf211\"\u003e\u003ccode\u003e8ea1f37\u003c/code\u003e\u003c/a\u003e Bump up the version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/8f24f788a356b5d45c9bec894632bd4931338153\"\u003e\u003ccode\u003e8f24f78\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/ce787f37aaacccad921ae90990c9da33481fe59c\"\u003e\u003ccode\u003ece787f3\u003c/code\u003e\u003c/a\u003e Reject non-string prefix, postfix, template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/41f71598d03f104a67e0448a7cb9bd4efcdd5980\"\u003e\u003ccode\u003e41f7159\u003c/code\u003e\u003c/a\u003e Bump up the version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/efa4a06f24374797ae32ab2b6ae39b7a611ae429\"\u003e\u003ccode\u003eefa4a06\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/7ef2728ce0211b8110b2033dfe62eaf030341acf\"\u003e\u003ccode\u003e7ef2728\u003c/code\u003e\u003c/a\u003e Check for relative values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/3d2fe387f3f91b13830b9182faa02c3231ea8258\"\u003e\u003ccode\u003e3d2fe38\u003c/code\u003e\u003c/a\u003e Bump up the version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/e16282879e5d0554fe824e1ab3df724847e91183\"\u003e\u003ccode\u003ee162828\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/raszi/node-tmp/issues/309\"\u003e#309\u003c/a\u003e from fflorent/fix-tmp-dir-with-dir\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/b847d2f1a42b625c26149f4a2029ed00a1edf90b\"\u003e\u003ccode\u003eb847d2f\u003c/code\u003e\u003c/a\u003e Fix use of tmp.dir() with \u003ccode\u003edir\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/raszi/node-tmp/commit/08fa3abac32b621506512724b28b56b9c4a95846\"\u003e\u003ccode\u003e08fa3ab\u003c/code\u003e\u003c/a\u003e Update version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/raszi/node-tmp/compare/v0.2.1...v0.2.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Domimueller85/subgraphs/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Domimueller85/subgraphs/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Domimueller85%2Fsubgraphs/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.0.4","new_version":"1.0.7","update_type":"patch","path":null,"pr_created_at":"2026-06-10T08:22:57.000Z","version_change":"1.0.4 → 1.0.7","issue":{"uuid":"4629390269","node_id":"PR_kwDOCMNac87kwRo8","number":1,"state":"closed","title":"Bump the npm_and_yarn group across 2 directories with 20 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-06-13T05:10:58.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-10T08:22:57.000Z","updated_at":"2026-06-13T05:11:00.000Z","time_to_close":247681,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":20,"packages":[{"name":"axios","old_version":"0.18.0","new_version":"0.32.0","repository_url":"https://github.com/axios/axios"},{"name":"qs","old_version":"6.5.2","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"},{"name":"lodash","old_version":"4.17.10","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"uuid","old_version":"3.3.2","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"webpack-dev-server","old_version":"3.1.4","new_version":"5.2.4","repository_url":"https://github.com/webpack/webpack-dev-server"},{"name":"minimatch","old_version":"3.0.4","new_version":"3.1.4","repository_url":"https://github.com/isaacs/minimatch"},{"name":"csvtojson","old_version":"1.1.12","new_version":"2.0.13","repository_url":"https://github.com/Keyang/node-csvtojson"},{"name":"sanitize-html","old_version":"1.18.2","new_version":"2.0.0","repository_url":"https://github.com/apostrophecms/apostrophe"},{"name":"js-yaml","old_version":"3.11.0","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"bn.js","old_version":"4.11.8","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"handlebars","old_version":"4.0.11","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"jws","old_version":"3.1.5","new_version":"3.2.3","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"min-document","old_version":"2.19.0","new_version":"2.19.2","repository_url":"https://github.com/Raynos/min-document"},{"name":"node-forge","old_version":"0.7.5","new_version":"0.7.6","repository_url":"https://github.com/digitalbazaar/forge"},{"name":"serialize-javascript","old_version":"1.5.0","new_version":"1.9.1","repository_url":"https://github.com/yahoo/serialize-javascript"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar-fs","old_version":"1.16.3","new_version":"1.16.6","repository_url":"https://github.com/mafintosh/tar-fs"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 2 updates in the /infrastructure/functions/onGithubWebhook directory: [axios](https://github.com/axios/axios) and [qs](https://github.com/ljharb/qs).\nBumps the npm_and_yarn group with 18 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.18.0` | `0.32.0` |\n| [qs](https://github.com/ljharb/qs) | `6.5.2` | `6.15.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.10` | `4.18.1` |\n| [uuid](https://github.com/uuidjs/uuid) | `3.3.2` | `14.0.0` |\n| [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `3.1.4` | `5.2.4` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.4` |\n| [csvtojson](https://github.com/Keyang/node-csvtojson) | `1.1.12` | `2.0.13` |\n| [sanitize-html](https://github.com/apostrophecms/apostrophe/tree/HEAD/packages/sanitize-html) | `1.18.2` | `2.0.0` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.11.0` | `3.14.2` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.11.8` | `4.12.3` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.0.11` | `4.7.9` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.1.5` | `3.2.3` |\n| [min-document](https://github.com/Raynos/min-document) | `2.19.0` | `2.19.2` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `0.7.5` | `0.7.6` |\n| [serialize-javascript](https://github.com/yahoo/serialize-javascript) | `1.5.0` | `1.9.1` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `1.16.3` | `1.16.6` |\n\n\nUpdates `axios` from 0.17.0 to 0.32.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.32.0 — May 4, 2026\u003c/h2\u003e\n\u003cp\u003eThis release backports a comprehensive set of security and hardening fixes from the v1.x branch into v0.x, covering prototype-pollution protections, default error redaction, stricter proxy/cookie/socket handling, and one breaking change to merged config and header object prototypes.\u003c/p\u003e\n\u003ch2\u003e⚠️ Breaking Changes \u0026amp; Deprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNull-prototype merged objects: mergeConfig and header merging now return objects with a null prototype to block prototype-pollution gadgets. Consumers must use Object.prototype.hasOwnProperty.call(obj, key) and avoid implicit string coercion against merged config or header objects. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefault error redaction: AxiosError.toJSON() now redacts sensitive keys by default to prevent credential leaks in logs. The behavior is configurable via config.redact, with defaults exposed on defaults.redact. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCookie \u0026amp; XSRF handling: Cookie names are read literally rather than via regex, and only own properties are respected when evaluating withXSRFToken. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProxy bypass IPv6 parity: NO_PROXY matching now handles canonical IPv4-mapped IPv6 forms such as ::ffff:127.0.0.1 and ::ffff:7f00:1. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNode http adapter hardening: Strips Proxy-Authorization when no proxy is in use and gates socketPath behind a new allowedSocketPaths allowlist (string or array, normalized) to reduce accidental Unix socket exposure. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBrowser xhr adapter: Stricter own-property checks when reading config and headers. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eURL parameters: AxiosURLSearchParams keeps %00 encoded and applies consistent encoding throughout. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePublic type surface: Adds formDataHeaderPolicy, redact, and allowedSocketPaths to the TypeScript declarations alongside their runtime defaults. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepo hygiene: Updates README.md and CHANGELOG.md, adds AGENTS.md, and refreshes the issue and PR templates. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.31.1...v0.32.0\"\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.31.1\u003c/h2\u003e\n\u003cp\u003eThis release backports a broad set of security hardenings from the v1 line — covering prototype-pollution defences, stream size enforcement, XSRF handling, URL null-byte encoding, and bounded FormData recursion — and drops committed \u003ccode\u003edist/\u003c/code\u003e artefacts along with Bower support.\u003c/p\u003e\n\u003ch2\u003e⚠️ Breaking Changes \u0026amp; Deprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBower \u0026amp; Committed \u003ccode\u003edist/\u003c/code\u003e Removed:\u003c/strong\u003e \u003ccode\u003edist/\u003c/code\u003e bundles are no longer committed to the repo, and \u003ccode\u003ebower.json\u003c/code\u003e plus the Grunt \u003ccode\u003epackage2bower\u003c/code\u003e task have been removed. CI still builds bundles before publish, so npm/yarn/pnpm consumers are unaffected; installs via Bower or directly from the git tree must migrate to npm or a CDN. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Header Merge (GHSA-6chq-wfr3-2hj9):\u003c/strong\u003e Tightened \u003ccode\u003eisFormData\u003c/code\u003e to reject plain/null-prototype objects and require \u003ccode\u003eappend\u003c/code\u003e, and guarded the Node HTTP adapter so \u003ccode\u003edata.getHeaders()\u003c/code\u003e is only merged when it is not inherited from \u003ccode\u003eObject.prototype\u003c/code\u003e. Blocks injected headers via polluted \u003ccode\u003egetHeaders\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Config Merging (GHSA-pf86-5x62-jrwf):\u003c/strong\u003e \u003ccode\u003emergeConfig\u003c/code\u003e, defaults resolution, and the HTTP adapter now uses own-property checks for \u003ccode\u003etransport\u003c/code\u003e, \u003ccode\u003eenv\u003c/code\u003e, \u003ccode\u003eBlob\u003c/code\u003e, \u003ccode\u003eformSerializer\u003c/code\u003e, and transforms arrays, and merged configs are returned as null-prototype objects. Prevents hijacking of the request flow through polluted prototypes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFormData / Params Recursion DoS:\u003c/strong\u003e Added a configurable \u003ccode\u003emaxDepth\u003c/code\u003e (default \u003ccode\u003e100\u003c/code\u003e, \u003ccode\u003eInfinity\u003c/code\u003e disables) to \u003ccode\u003etoFormData\u003c/code\u003e and params serialisation, throwing \u003ccode\u003eAxiosError\u003c/code\u003e with code \u003ccode\u003eERR_FORM_DATA_DEPTH_EXCEEDED\u003c/code\u003e when exceeded. Circular-reference detection is preserved. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eNull-Byte Injection in Query Strings:\u003c/strong\u003e Removed the unsafe \u003ccode\u003e%00\u003c/code\u003e → null-byte substitution from \u003ccode\u003eAxiosURLSearchParams.encode\u003c/code\u003e so \u003ccode\u003e%00\u003c/code\u003e is preserved as-is. Other encoding behaviour (including \u003ccode\u003e%20\u003c/code\u003e → \u003ccode\u003e+\u003c/code\u003e) unchanged. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eConsolidated v1 Security Backport:\u003c/strong\u003e Rolls up remaining v1 hardenings into \u003ccode\u003ev0.x\u003c/code\u003e: \u003ccode\u003emaxContentLength\u003c/code\u003e enforcement for \u003ccode\u003eresponseType: 'stream'\u003c/code\u003e via a guarded transform with deferred piping, \u003ccode\u003emaxBodyLength\u003c/code\u003e enforcement for streamed uploads on native \u003ccode\u003ehttp\u003c/code\u003e/\u003ccode\u003ehttps\u003c/code\u003e with \u003ccode\u003emaxRedirects: 0\u003c/code\u003e, and stricter \u003ccode\u003ewithXSRFToken\u003c/code\u003e handling so only own boolean \u003ccode\u003etrue\u003c/code\u003e enables cross-origin XSRF headers. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCODEOWNERS:\u003c/strong\u003e Added \u003ccode\u003e.github/CODEOWNERS\u003c/code\u003e with \u003ccode\u003e* @jasonsaayman\u003c/code\u003e to set a default reviewer for all paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.31.0...v0.31.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.31.0\u003c/h2\u003e\n\u003cp\u003eThis release backports security fixes from v1.x, hardens the CI/CD supply chain with OIDC publishing and \u003ccode\u003ezizmor\u003c/code\u003e scanning, resolves TypeScript typing issues in \u003ccode\u003eAxiosInstance\u003c/code\u003e, and fixes a performance regression in \u003ccode\u003eisEmptyObject()\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/8db2d44896849a21ed9721185b1034df24e1ba7b\"\u003e\u003ccode\u003e8db2d44\u003c/code\u003e\u003c/a\u003e chore: bump version to v0.32.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10840\"\u003e#10840\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2af6116a957b1dd1b32056181326da8a5540d3bc\"\u003e\u003ccode\u003e2af6116\u003c/code\u003e\u003c/a\u003e chore: backport fixes from the v1x branch (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a589dc525af12e0fabef7d6e5be028ad433eee31\"\u003e\u003ccode\u003ea589dc5\u003c/code\u003e\u003c/a\u003e chore: bump version to v0.31.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10766\"\u003e#10766\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b0c632f36a5ea2e73c9bdf3a54164a8ede925736\"\u003e\u003ccode\u003eb0c632f\u003c/code\u003e\u003c/a\u003e fix: backport security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b52187f4571b6b8663fed5904e3082ab30660364\"\u003e\u003ccode\u003eb52187f\u003c/code\u003e\u003c/a\u003e fix: harden config merging (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e3ddeb40f6a142a234925341151e2ca631a6de64\"\u003e\u003ccode\u003ee3ddeb4\u003c/code\u003e\u003c/a\u003e fix: header security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f4f2d76e25cc0f777e5416e2d76282ab873ef9dc\"\u003e\u003ccode\u003ef4f2d76\u003c/code\u003e\u003c/a\u003e chore: stop committing dist/ and remove bower (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1f2f64433e5be205d74471c78c2721909282b9c0\"\u003e\u003ccode\u003e1f2f644\u003c/code\u003e\u003c/a\u003e chore: add CODEOWNERS (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44bca902e1bdd7dd6490c7b4985b63e729b0e634\"\u003e\u003ccode\u003e44bca90\u003c/code\u003e\u003c/a\u003e fix: improve regex in AxiosURLSearchParams (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4c4f07fabdb005f5430bab797f12b55e2ed5fb33\"\u003e\u003ccode\u003e4c4f07f\u003c/code\u003e\u003c/a\u003e fix: form data recursion (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.17.0...v0.32.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.2.5 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.2.5...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.5.1 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] ensure \u003ccode\u003earrayLimit\u003c/code\u003e applies to \u003ccode\u003e[]\u003c/code\u003e notation as well\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: when a custom decoder returns \u003ccode\u003enull\u003c/code\u003e for a key, ignore that key\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: extract key segment splitting helper\u003c/li\u003e\n\u003cli\u003e[meta] add threat model\u003c/li\u003e\n\u003cli\u003e[actions] add workflow permissions\u003c/li\u003e\n\u003cli\u003e[Tests] \u003ccode\u003estringify\u003c/code\u003e: increase coverage\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003efor-each\u003c/code\u003e, \u003ccode\u003eobject-inspect\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003ethrowOnParameterLimitExceeded\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/517\"\u003e#517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: use \u003ccode\u003eutils.combine\u003c/code\u003e more\u003c/li\u003e\n\u003cli\u003e[patch] \u003ccode\u003eparse\u003c/code\u003e: add explicit \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e default\u003c/li\u003e\n\u003cli\u003e[actions] use shared action; re-add finishers\u003c/li\u003e\n\u003cli\u003e[meta] Fix changelog formatting bug\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eside-channel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003ehas-bigints\u003c/code\u003e, \u003ccode\u003ehas-proto\u003c/code\u003e, \u003ccode\u003ehas-symbols\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8\"\u003e\u003ccode\u003e9aca407\u003c/code\u003e\u003c/a\u003e v6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992\"\u003e\u003ccode\u003e5e33d33\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41\"\u003e\u003ccode\u003e21f80b3\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + `e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c\"\u003e\u003ccode\u003ea0a81ea\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8\"\u003e\u003ccode\u003ee3062f7\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0\"\u003e\u003ccode\u003e0c180a4\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656\"\u003e\u003ccode\u003e3a8b94a\u003c/code\u003e\u003c/a\u003e [Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d\"\u003e\u003ccode\u003e96755ab\u003c/code\u003e\u003c/a\u003e [readme] fix grammar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6\"\u003e\u003ccode\u003ea419ce5\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170\"\u003e\u003ccode\u003e3f5e1c5\u003c/code\u003e\u003c/a\u003e v6.15.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.5.1...v6.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 0.18.0 to 0.32.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.32.0 — May 4, 2026\u003c/h2\u003e\n\u003cp\u003eThis release backports a comprehensive set of security and hardening fixes from the v1.x branch into v0.x, covering prototype-pollution protections, default error redaction, stricter proxy/cookie/socket handling, and one breaking change to merged config and header object prototypes.\u003c/p\u003e\n\u003ch2\u003e⚠️ Breaking Changes \u0026amp; Deprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNull-prototype merged objects: mergeConfig and header merging now return objects with a null prototype to block prototype-pollution gadgets. Consumers must use Object.prototype.hasOwnProperty.call(obj, key) and avoid implicit string coercion against merged config or header objects. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefault error redaction: AxiosError.toJSON() now redacts sensitive keys by default to prevent credential leaks in logs. The behavior is configurable via config.redact, with defaults exposed on defaults.redact. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCookie \u0026amp; XSRF handling: Cookie names are read literally rather than via regex, and only own properties are respected when evaluating withXSRFToken. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProxy bypass IPv6 parity: NO_PROXY matching now handles canonical IPv4-mapped IPv6 forms such as ::ffff:127.0.0.1 and ::ffff:7f00:1. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNode http adapter hardening: Strips Proxy-Authorization when no proxy is in use and gates socketPath behind a new allowedSocketPaths allowlist (string or array, normalized) to reduce accidental Unix socket exposure. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBrowser xhr adapter: Stricter own-property checks when reading config and headers. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eURL parameters: AxiosURLSearchParams keeps %00 encoded and applies consistent encoding throughout. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePublic type surface: Adds formDataHeaderPolicy, redact, and allowedSocketPaths to the TypeScript declarations alongside their runtime defaults. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepo hygiene: Updates README.md and CHANGELOG.md, adds AGENTS.md, and refreshes the issue and PR templates. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.31.1...v0.32.0\"\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.31.1\u003c/h2\u003e\n\u003cp\u003eThis release backports a broad set of security hardenings from the v1 line — covering prototype-pollution defences, stream size enforcement, XSRF handling, URL null-byte encoding, and bounded FormData recursion — and drops committed \u003ccode\u003edist/\u003c/code\u003e artefacts along with Bower support.\u003c/p\u003e\n\u003ch2\u003e⚠️ Breaking Changes \u0026amp; Deprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBower \u0026amp; Committed \u003ccode\u003edist/\u003c/code\u003e Removed:\u003c/strong\u003e \u003ccode\u003edist/\u003c/code\u003e bundles are no longer committed to the repo, and \u003ccode\u003ebower.json\u003c/code\u003e plus the Grunt \u003ccode\u003epackage2bower\u003c/code\u003e task have been removed. CI still builds bundles before publish, so npm/yarn/pnpm consumers are unaffected; installs via Bower or directly from the git tree must migrate to npm or a CDN. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Header Merge (GHSA-6chq-wfr3-2hj9):\u003c/strong\u003e Tightened \u003ccode\u003eisFormData\u003c/code\u003e to reject plain/null-prototype objects and require \u003ccode\u003eappend\u003c/code\u003e, and guarded the Node HTTP adapter so \u003ccode\u003edata.getHeaders()\u003c/code\u003e is only merged when it is not inherited from \u003ccode\u003eObject.prototype\u003c/code\u003e. Blocks injected headers via polluted \u003ccode\u003egetHeaders\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Config Merging (GHSA-pf86-5x62-jrwf):\u003c/strong\u003e \u003ccode\u003emergeConfig\u003c/code\u003e, defaults resolution, and the HTTP adapter now uses own-property checks for \u003ccode\u003etransport\u003c/code\u003e, \u003ccode\u003eenv\u003c/code\u003e, \u003ccode\u003eBlob\u003c/code\u003e, \u003ccode\u003eformSerializer\u003c/code\u003e, and transforms arrays, and merged configs are returned as null-prototype objects. Prevents hijacking of the request flow through polluted prototypes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFormData / Params Recursion DoS:\u003c/strong\u003e Added a configurable \u003ccode\u003emaxDepth\u003c/code\u003e (default \u003ccode\u003e100\u003c/code\u003e, \u003ccode\u003eInfinity\u003c/code\u003e disables) to \u003ccode\u003etoFormData\u003c/code\u003e and params serialisation, throwing \u003ccode\u003eAxiosError\u003c/code\u003e with code \u003ccode\u003eERR_FORM_DATA_DEPTH_EXCEEDED\u003c/code\u003e when exceeded. Circular-reference detection is preserved. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eNull-Byte Injection in Query Strings:\u003c/strong\u003e Removed the unsafe \u003ccode\u003e%00\u003c/code\u003e → null-byte substitution from \u003ccode\u003eAxiosURLSearchParams.encode\u003c/code\u003e so \u003ccode\u003e%00\u003c/code\u003e is preserved as-is. Other encoding behaviour (including \u003ccode\u003e%20\u003c/code\u003e → \u003ccode\u003e+\u003c/code\u003e) unchanged. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eConsolidated v1 Security Backport:\u003c/strong\u003e Rolls up remaining v1 hardenings into \u003ccode\u003ev0.x\u003c/code\u003e: \u003ccode\u003emaxContentLength\u003c/code\u003e enforcement for \u003ccode\u003eresponseType: 'stream'\u003c/code\u003e via a guarded transform with deferred piping, \u003ccode\u003emaxBodyLength\u003c/code\u003e enforcement for streamed uploads on native \u003ccode\u003ehttp\u003c/code\u003e/\u003ccode\u003ehttps\u003c/code\u003e with \u003ccode\u003emaxRedirects: 0\u003c/code\u003e, and stricter \u003ccode\u003ewithXSRFToken\u003c/code\u003e handling so only own boolean \u003ccode\u003etrue\u003c/code\u003e enables cross-origin XSRF headers. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCODEOWNERS:\u003c/strong\u003e Added \u003ccode\u003e.github/CODEOWNERS\u003c/code\u003e with \u003ccode\u003e* @jasonsaayman\u003c/code\u003e to set a default reviewer for all paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.31.0...v0.31.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.31.0\u003c/h2\u003e\n\u003cp\u003eThis release backports security fixes from v1.x, hardens the CI/CD supply chain with OIDC publishing and \u003ccode\u003ezizmor\u003c/code\u003e scanning, resolves TypeScript typing issues in \u003ccode\u003eAxiosInstance\u003c/code\u003e, and fixes a performance regression in \u003ccode\u003eisEmptyObject()\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/8db2d44896849a21ed9721185b1034df24e1ba7b\"\u003e\u003ccode\u003e8db2d44\u003c/code\u003e\u003c/a\u003e chore: bump version to v0.32.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10840\"\u003e#10840\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2af6116a957b1dd1b32056181326da8a5540d3bc\"\u003e\u003ccode\u003e2af6116\u003c/code\u003e\u003c/a\u003e chore: backport fixes from the v1x branch (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a589dc525af12e0fabef7d6e5be028ad433eee31\"\u003e\u003ccode\u003ea589dc5\u003c/code\u003e\u003c/a\u003e chore: bump version to v0.31.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10766\"\u003e#10766\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b0c632f36a5ea2e73c9bdf3a54164a8ede925736\"\u003e\u003ccode\u003eb0c632f\u003c/code\u003e\u003c/a\u003e fix: backport security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b52187f4571b6b8663fed5904e3082ab30660364\"\u003e\u003ccode\u003eb52187f\u003c/code\u003e\u003c/a\u003e fix: harden config merging (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e3ddeb40f6a142a234925341151e2ca631a6de64\"\u003e\u003ccode\u003ee3ddeb4\u003c/code\u003e\u003c/a\u003e fix: header security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f4f2d76e25cc0f777e5416e2d76282ab873ef9dc\"\u003e\u003ccode\u003ef4f2d76\u003c/code\u003e\u003c/a\u003e chore: stop committing dist/ and remove bower (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1f2f64433e5be205d74471c78c2721909282b9c0\"\u003e\u003ccode\u003e1f2f644\u003c/code\u003e\u003c/a\u003e chore: add CODEOWNERS (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44bca902e1bdd7dd6490c7b4985b63e729b0e634\"\u003e\u003ccode\u003e44bca90\u003c/code\u003e\u003c/a\u003e fix: improve regex in AxiosURLSearchParams (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4c4f07fabdb005f5430bab797f12b55e2ed5fb33\"\u003e\u003ccode\u003e4c4f07f\u003c/code\u003e\u003c/a\u003e fix: form data recursion (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.17.0...v0.32.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.5.1 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.2.5...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.5.2 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] ensure \u003ccode\u003earrayLimit\u003c/code\u003e applies to \u003ccode\u003e[]\u003c/code\u003e notation as well\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: when a custom decoder returns \u003ccode\u003enull\u003c/code\u003e for a key, ignore that key\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: extract key segment splitting helper\u003c/li\u003e\n\u003cli\u003e[meta] add threat model\u003c/li\u003e\n\u003cli\u003e[actions] add workflow permissions\u003c/li\u003e\n\u003cli\u003e[Tests] \u003ccode\u003estringify\u003c/code\u003e: increase coverage\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003efor-each\u003c/code\u003e, \u003ccode\u003eobject-inspect\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003ethrowOnParameterLimitExceeded\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/517\"\u003e#517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: use \u003ccode\u003eutils.combine\u003c/code\u003e more\u003c/li\u003e\n\u003cli\u003e[patch] \u003ccode\u003eparse\u003c/code\u003e: add explicit \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e default\u003c/li\u003e\n\u003cli\u003e[actions] use shared action; re-add finishers\u003c/li\u003e\n\u003cli\u003e[meta] Fix changelog formatting bug\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eside-channel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003ehas-bigints\u003c/code\u003e, \u003ccode\u003ehas-proto\u003c/code\u003e, \u003ccode\u003ehas-symbols\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8\"\u003e\u003ccode\u003e9aca407\u003c/code\u003e\u003c/a\u003e v6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992\"\u003e\u003ccode\u003e5e33d33\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41\"\u003e\u003ccode\u003e21f80b3\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + `e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c\"\u003e\u003ccode\u003ea0a81ea\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8\"\u003e\u003ccode\u003ee3062f7\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0\"\u003e\u003ccode\u003e0c180a4\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656\"\u003e\u003ccode\u003e3a8b94a\u003c/code\u003e\u003c/a\u003e [Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d\"\u003e\u003ccode\u003e96755ab\u003c/code\u003e\u003c/a\u003e [readme] fix grammar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6\"\u003e\u003ccode\u003ea419ce5\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170\"\u003e\u003ccode\u003e3f5e1c5\u003c/code\u003e\u003c/a\u003e v6.15.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.5.1...v6.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.10 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.10...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 3.3.2 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v3.3.2...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webpack-dev-server` from 3.1.4 to 5.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack-dev-server/releases\"\u003ewebpack-dev-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.2.4\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.3...v5.2.4\"\u003e5.2.4\u003c/a\u003e (2026-05-11)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eset Cross-Origin-Resource-Policy header to prevent source code theft over HTTP\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.3\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.2...v5.2.3\"\u003e5.2.3\u003c/a\u003e (2026-01-12)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003ecause\u003c/code\u003e for \u003ccode\u003eerrorObject\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5518\"\u003e#5518\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/37b033da2c48335178495a1987c469a26ef3de60\"\u003e37b033d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ecompatibility with event target and universal target and lazy compilation  (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/574026c44b9c51f0bbd2f5a2836c54607289a071\"\u003e574026c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eoverlay:\u003c/strong\u003e add ESC key to dismiss overlay (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5598\"\u003e#5598\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/f91baa8831e061e2998849966b8002b40b83fb07\"\u003ef91baa8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eprogress indicator styles (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5557\"\u003e#5557\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/41a53a1accdb0a90785d82cbe8a079794eeed3c8\"\u003e41a53a1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade selfsigned to v5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.2\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.1...v5.2.2\"\u003e5.2.2\u003c/a\u003e (2025-06-03)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u0026quot;Overlay enabled\u0026quot; false positive (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/18e72ee3e57a6e7598a6c068c0ff7c7bb6a857f1\"\u003e18e72ee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not crush when error is null for runtime errors (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5447\"\u003e#5447\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/309991f947baa0354140b9930a9654ac792e20c4\"\u003e309991f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove unnecessary header \u003ccode\u003eX_TEST\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5451\"\u003e#5451\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/64a6124bf1b4d158bb42a4341dd03121ae3759fa\"\u003e64a6124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erespect the \u003ccode\u003eallowedHosts\u003c/code\u003e option for cross-origin header check (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5510\"\u003e#5510\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/03d12141bf7be09dfb14e91e5c834ee63bd9a9a2\"\u003e03d1214\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.0...v6.0.0\"\u003e5.2.1\u003c/a\u003e (2025-03-26)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecross-origin requests are not allowed unless allowed by \u003ccode\u003eAccess-Control-Allow-Origin\u003c/code\u003e header\u003c/li\u003e\n\u003cli\u003erequests with an IP addresses in the \u003ccode\u003eOrigin\u003c/code\u003e header are not allowed to connect to WebSocket server unless configured by \u003ccode\u003eallowedHosts\u003c/code\u003e or it different from the \u003ccode\u003eHost\u003c/code\u003e header\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThe above changes may make the dev server not work if you relied on such behavior, but unfortunately they carry security risks, so they were considered as fixes.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprevent overlay for errors caught by React error boundaries (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5431\"\u003e#5431\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/8c1abc903ab444d9ce99e567b9a6c603e1ec06be\"\u003e8c1abc9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003etake the first network found instead of the last one, this restores the same behavior as 5.0.4 (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5411\"\u003e#5411\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/ffd0b86b790d372f90e17aea92cfd9def83fee96\"\u003effd0b86\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.1.0...v5.2.0\"\u003e5.2.0\u003c/a\u003e (2024-12-11)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack-dev-server/blob/main/CHANGELOG.md\"\u003ewebpack-dev-server's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.3...v5.2.4\"\u003e5.2.4\u003c/a\u003e (2026-05-11)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eset Cross-Origin-Resource-Policy header to prevent source code theft over HTTP\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.2...v5.2.3\"\u003e5.2.3\u003c/a\u003e (2026-01-12)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003ecause\u003c/code\u003e for \u003ccode\u003eerrorObject\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5518\"\u003e#5518\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/37b033da2c48335178495a1987c469a26ef3de60\"\u003e37b033d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ecompatibility with event target and universal target and lazy compilation  (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/574026c44b9c51f0bbd2f5a2836c54607289a071\"\u003e574026c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eoverlay:\u003c/strong\u003e add ESC key to dismiss overlay (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5598\"\u003e#5598\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/f91baa8831e061e2998849966b8002b40b83fb07\"\u003ef91baa8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eprogress indicator styles (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5557\"\u003e#5557\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/41a53a1accdb0a90785d82cbe8a079794eeed3c8\"\u003e41a53a1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade selfsigned to v5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.1...v5.2.2\"\u003e5.2.2\u003c/a\u003e (2025-06-03)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u0026quot;Overlay enabled\u0026quot; false positive (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/18e72ee3e57a6e7598a6c068c0ff7c7bb6a857f1\"\u003e18e72ee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not crush when error is null for runtime errors (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5447\"\u003e#5447\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/309991f947baa0354140b9930a9654ac792e20c4\"\u003e309991f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove unnecessary header \u003ccode\u003eX_TEST\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5451\"\u003e#5451\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/64a6124bf1b4d158bb42a4341dd03121ae3759fa\"\u003e64a6124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erespect the \u003ccode\u003eallowedHosts\u003c/code\u003e option for cross-origin header check (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5510\"\u003e#5510\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/03d12141bf7be09dfb14e91e5c834ee63bd9a9a2\"\u003e03d1214\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.0...v6.0.0\"\u003e5.2.1\u003c/a\u003e (2025-03-26)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecross-origin requests are not allowed unless allowed by \u003ccode\u003eAccess-Control-Allow-Origin\u003c/code\u003e header\u003c/li\u003e\n\u003cli\u003erequests with an IP addresses in the \u003ccode\u003eOrigin\u003c/code\u003e header are not allowed to connect to WebSocket server unless configured by \u003ccode\u003eallowedHosts\u003c/code\u003e or it different from the \u003ccode\u003eHost\u003c/code\u003e header\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThe above changes may make the dev server not work if you relied on such behavior, but unfortunately they carry security risks, so they were considered as fixes.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprevent overlay for errors caught by React error boundaries (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5431\"\u003e#5431\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/8c1abc903ab444d9ce99e567b9a6c603e1ec06be\"\u003e8c1abc9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003etake the first network found instead of the last one, this restores the same behavior as 5.0.4 (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5411\"\u003e#5411\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-serve...\n\n_Description has been truncated_","html_url":"https://github.com/lisaross/gatsby/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/lisaross%2Fgatsby/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.0.4","new_version":"1.0.7","update_type":"patch","path":null,"pr_created_at":"2026-06-10T02:25:54.000Z","version_change":"1.0.4 → 1.0.7","issue":{"uuid":"4627365146","node_id":"PR_kwDOG3VMuc7kppdq","number":9,"state":"open","title":"Bump cipher-base from 1.0.4 to 1.0.7","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-10T02:25:54.000Z","updated_at":"2026-06-10T02:25:58.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"}],"path":null,"ecosystem":"npm"},"body":"Bumps [cipher-base](https://github.com/crypto-browserify/cipher-base) from 1.0.4 to 1.0.7.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cipher-base\u0026package-manager=npm_and_yarn\u0026previous-version=1.0.4\u0026new-version=1.0.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/mculp/polygon-test/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/mculp/polygon-test/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mculp%2Fpolygon-test/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"}},{"old_version":"1.0.4","new_version":"1.0.7","update_type":"patch","path":null,"pr_created_at":"2026-06-10T02:25:38.000Z","version_change":"1.0.4 → 1.0.7","issue":{"uuid":"4627363898","node_id":"PR_kwDOGb1TMc7kppNR","number":1,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-10T02:25:38.000Z","updated_at":"2026-06-10T02:26:49.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":19,"packages":[{"name":"next","old_version":"12.0.4","new_version":"15.5.18","repository_url":"https://github.com/vercel/next.js"},{"name":"apollo-server","old_version":"3.5.0","new_version":"3.13.0","repository_url":"https://github.com/apollographql/apollo-server"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.14.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@protobufjs/utf8","old_version":"1.1.0","new_version":"1.1.1","repository_url":"https://github.com/dcodeIO/protobuf.js"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"bn.js","old_version":"4.12.0","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"express","old_version":"4.17.1","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"flatted","old_version":"3.2.0","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.14.1","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.6","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"picomatch","old_version":"2.3.0","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar","old_version":"6.1.11","new_version":"6.2.1","repository_url":"https://github.com/isaacs/node-tar"},{"name":"yaml","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/eemeli/yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 17 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [next](https://github.com/vercel/next.js) | `12.0.4` | `15.5.18` |\n| [apollo-server](https://github.com/apollographql/apollo-server/tree/HEAD/packages/apollo-server) | `3.5.0` | `3.13.0` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.14.5` | `7.29.7` |\n| [@protobufjs/utf8](https://github.com/dcodeIO/protobuf.js) | `1.1.0` | `1.1.1` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.12.0` | `4.12.3` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [express](https://github.com/expressjs/express) | `4.17.1` | `4.22.2` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.0` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.1` | `1.16.0` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.6` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.0` | `2.3.2` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n| [tar](https://github.com/isaacs/node-tar) | `6.1.11` | `6.2.1` |\n| [yaml](https://github.com/eemeli/yaml) | `1.10.2` | `1.10.3` |\n\n\nUpdates `next` from 12.0.4 to 15.5.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.18\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.16\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.15\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23869\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23869\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9ff92cebcaa6ba4e7463b6fd037a8510ba9b81ec\"\u003e\u003ccode\u003e9ff92ce\u003c/code\u003e\u003c/a\u003e v15.5.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/00ebe23562bd7eb32dd78730984bfadb47138bcf\"\u003e\u003ccode\u003e00ebe23\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/62c97ab0b5825e2cbc15f6b682d8286a8dd6a038\"\u003e\u003ccode\u003e62c97ab\u003c/code\u003e\u003c/a\u003e v15.5.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/423623ae38c106273085b66946ee5bf9aab77f2c\"\u003e\u003ccode\u003e423623a\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/fa787399b38d9aa702118f9bd23a8315b9f0ecc6\"\u003e\u003ccode\u003efa78739\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36e62c6eb7813e42d409eb487f93b829f4ad77e8\"\u003e\u003ccode\u003e36e62c6\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93588\"\u003e#93588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36589b5db512b7704cdadd873cbe49b6dbcc9261\"\u003e\u003ccode\u003e36589b5\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93596\"\u003e#93596\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ad6fd4e50e5aba20b60d283c42b89273a3167ccd\"\u003e\u003ccode\u003ead6fd4e\u003c/code\u003e\u003c/a\u003e v15.5.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/79d7dff1448483f0c8f187f98887b31019f6e494\"\u003e\u003ccode\u003e79d7dff\u003c/code\u003e\u003c/a\u003e Ignore malformed CSP nonce headers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/c4f69086cc8dcbd81b1dbc321c98ea874d90d6f8\"\u003e\u003ccode\u003ec4f6908\u003c/code\u003e\u003c/a\u003e router-server: guard upgrade proxy against absolute-url SSRF (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/77\"\u003e#77\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v12.0.4...v15.5.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `apollo-server` from 3.5.0 to 3.13.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/f93284e853efd6da46d91ae40da47a2dd15b61fe\"\u003e\u003ccode\u003ef93284e\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/ea2e2c3e071afc9144af00cae7b51720b9cc8b32\"\u003e\u003ccode\u003eea2e2c3\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/fac578a32d5b6e21164fb649fc61d641d0401774\"\u003e\u003ccode\u003efac578a\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/6247d96ba90de6fa9b45995dcab72758c99aab78\"\u003e\u003ccode\u003e6247d96\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/538151b9f30dfc91036eef2f8f65fbf7922d861e\"\u003e\u003ccode\u003e538151b\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/f519e1d7de8564259eb1c8c1c7523669bd9ad815\"\u003e\u003ccode\u003ef519e1d\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/985c0795579a1d39e7b78edce1c9e2e7c8facf82\"\u003e\u003ccode\u003e985c079\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/2bf7f66db91aa2919266afc16f18a918501178ee\"\u003e\u003ccode\u003e2bf7f66\u003c/code\u003e\u003c/a\u003e chore(deps): update all non-major dependencies (main) (\u003ca href=\"https://github.com/apollographql/apollo-server/tree/HEAD/packages/apollo-server/issues/6852\"\u003e#6852\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/f6c5c9fec04c222aa15272b90d203ddc3fe64857\"\u003e\u003ccode\u003ef6c5c9f\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/e6097d614c9ac6887b359529cf27c1bd1a5de59c\"\u003e\u003ccode\u003ee6097d6\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apollographql/apollo-server/commits/apollo-server@3.13.0/packages/apollo-server\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.14.5 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@protobufjs/utf8` from 1.1.0 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dcodeIO/protobuf.js/releases\"\u003e@​protobufjs/utf8's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs-cli: v1.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-cli-v1.1.0...protobufjs-cli-v1.1.1\"\u003e1.1.1\u003c/a\u003e (2023-02-02)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecli:\u003c/strong\u003e fix relative path to Google pb files (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/1859\"\u003e#1859\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e42eea4868b11f4a07934804a56683321ed191e2\"\u003ee42eea4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/dcodeIO/protobuf.js/compare/pool-v1.1.0...utf8-v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.15.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `apollo-server-core` from 3.5.0 to 3.13.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/f93284e853efd6da46d91ae40da47a2dd15b61fe\"\u003e\u003ccode\u003ef93284e\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/4745ebed69775959212bbca7b02cff65c1f0dc64\"\u003e\u003ccode\u003e4745ebe\u003c/code\u003e\u003c/a\u003e Rename option from disableValidation to dangerouslyDisableValidation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/11f5981067f570c60a0003b51f3d634ebd8fa792\"\u003e\u003ccode\u003e11f5981\u003c/code\u003e\u003c/a\u003e Add disableValidation option to apollo-server-core\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/ea2e2c3e071afc9144af00cae7b51720b9cc8b32\"\u003e\u003ccode\u003eea2e2c3\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/1dd45b8366a6cee75e4ca321eeb5acf107e6c73e\"\u003e\u003ccode\u003e1dd45b8\u003c/code\u003e\u003c/a\u003e get CI passing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/d38b43bac88acdef4295759d7dcc3d4c348d9575\"\u003e\u003ccode\u003ed38b43b\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-j5g3-5c8r-7qfx\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/fac578a32d5b6e21164fb649fc61d641d0401774\"\u003e\u003ccode\u003efac578a\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/85540501642e9d4f9d7adcc1442885a2eddcc885\"\u003e\u003ccode\u003e8554050\u003c/code\u003e\u003c/a\u003e Update protobuf (version-3) (\u003ca href=\"https://github.com/apollographql/apollo-server/tree/HEAD/packages/apollo-server-core/issues/7412\"\u003e#7412\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/6247d96ba90de6fa9b45995dcab72758c99aab78\"\u003e\u003ccode\u003e6247d96\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apollographql/apollo-server/commit/538151b9f30dfc91036eef2f8f65fbf7922d861e\"\u003e\u003ccode\u003e538151b\u003c/code\u003e\u003c/a\u003e Release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apollographql/apollo-server/commits/apollo-server-core@3.13.0/packages/apollo-server-core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.12.0 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c4098bac2470418f8e0f6bf11fe0cb676a2b9047\"\u003e\u003ccode\u003ec4098ba\u003c/code\u003e\u003c/a\u003e 4.12.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6277fd705e51edae1c404c65f03ba2e512706945\"\u003e\u003ccode\u003e6277fd7\u003c/code\u003e\u003c/a\u003e backport(4.x): Fix imuln/muln with zero (backport of \u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ac0d4afaae91701815b9edc19789e44e7690d688\"\u003e\u003ccode\u003eac0d4af\u003c/code\u003e\u003c/a\u003e 4.12.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/a5f14b43ec61bc7cafc6de2e7444913b9f581b00\"\u003e\u003ccode\u003ea5f14b4\u003c/code\u003e\u003c/a\u003e Fix serious issue in \u003ccode\u003e.toString(16)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/309\"\u003e#309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/0cd2661b9d08512263c940662586042ef8aaccc6\"\u003e\u003ccode\u003e0cd2661\u003c/code\u003e\u003c/a\u003e Remove package-lock.json added by npm\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.12.0...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.1 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.17.1...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.2.0 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.2.0...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.14.1 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.14.1...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 3.0.1 to 3.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.3...v3.0.4\"\u003ev3.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] update linting config \u003ca href=\"https://github.com/form-data/form-data/commit/f5e7eb024bc3fc7e2074ff80f143a4f4cbc1dbda\"\u003e\u003ccode\u003ef5e7eb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/1a78b5dd05e508d67e97764d812ac7c6d92ea88d\"\u003e\u003ccode\u003e1a78b5d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/b22a64ef94ba4f3f6ff7d1ac72a54cca128567df\"\u003e\u003ccode\u003eb22a64e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/11d9f7338f18a59b431832a3562b49baece0a432\"\u003e\u003ccode\u003e11d9f73\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.2...v3.0.3\"\u003ev3.0.3\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eObject.prototype.hasOwnProperty.call\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/7fecefe4ba8f775634aff86a698776ad95ecffb5\"\u003e\u003ccode\u003e7fecefe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e, \u003ccode\u003ecoveralls\u003c/code\u003e, \u003ccode\u003ecross-spawn\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003eformidable\u003c/code\u003e, \u003ccode\u003ein-publish\u003c/code\u003e, \u003ccode\u003epkgfiles\u003c/code\u003e, \u003ccode\u003epre-commit\u003c/code\u003e, \u003ccode\u003epuppeteer\u003c/code\u003e, \u003ccode\u003erequest\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypescript\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/8261fcb8bf5944d30ae3bd04b91b71d6a9932ef4\"\u003e\u003ccode\u003e8261fcb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/form-data/form-data/commit/b82f59093cdbadb4b7ec0922d33ae7ab048b82ff\"\u003e\u003ccode\u003eb82f590\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] pin \u003ccode\u003erequest\u003c/code\u003e which via \u003ccode\u003etough-cookie\u003c/code\u003e ^2.4 depends on \u003ccode\u003epsl\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/e5df7f24383342264bd73dee3274818a40d04065\"\u003e\u003ccode\u003ee5df7f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5a5bafee894fead10da49e1fa2b084e17f2e1034\"\u003e\u003ccode\u003e5a5bafe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.2\"\u003ev3.0.2\u003c/a\u003e - 2024-10-10\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/8fdb3bc6b5d001f8909a9fca391d1d1d97ef1d79\"\u003e\u003ccode\u003e8fdb3bc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] clean up ignores \u003ca href=\"https://github.com/form-data/form-data/commit/3217b3ded8e382e51171d5c74c6038a21cc54440\"\u003e\u003ccode\u003e3217b3d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: move util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e) \u003ca href=\"https://github.com/form-data/form-data/commit/edb555a811f6f7e4668db4831551cf41c1de1cac\"\u003e\u003ccode\u003eedb555a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/9c82fcdf0858b2764060a87803a55375ffbee6ed\"\u003e\u003ccode\u003e9c82fcd\u003c/code\u003e\u003c/a\u003e v3.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e [Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e [Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e [meta] actually ensure the readme backup isn’t published\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e [meta] fix readme capitalization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e [meta] remove local commit hooks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e [Dev Deps] remove unused deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/002b9b0c4862576305292ac44f7be25ec7ccea0e\"\u003e\u003ccode\u003e002b9b0\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e [Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 0.1.7 to 0.1.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.1.13\u003c/h2\u003e\n\u003ch2\u003eImportant\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4867\"\u003eCVE-2026-4867\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-37ch-88jc-xwx2\"\u003eGHSA-37ch-88jc-xwx2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eFix backtracking (again)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImproved backtracking protection for 0.1.x, will break some previously valid paths (see previous advisory: \u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j\"\u003ehttps://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.11...v0.1.12\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.11...v0.1.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eError on bad input\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd error on bad input values  8f09549\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.10...v0.1.11\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.10...v0.1.11\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eBacktrack protection\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to parameters  29b96b4\n\u003cul\u003e\n\u003cli\u003eThis will break some edge cases but should improve performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.9...v0.1.10\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.9...v0.1.10\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eSupport non-lookahead regex output\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow a non-lookahead regex (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/312\"\u003e#312\u003c/a\u003e)  c4272e4\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/component/path-to-regexp/compare/v0.1.8...v0.1.9\"\u003ehttps://github.com/component/path-to-regexp/compare/v0.1.8...v0.1.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eSupport named matching groups in \u003ccode\u003eRegExp\u003c/code\u003e\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for named matching groups (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/301\"\u003e#301\u003c/a\u003e)  114f62d\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v0.1.8\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v0.1.8\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/blob/v.0.1.13/History.md\"\u003epath-to-regexp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.1.13 / 2026-03-26\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4867\"\u003eCVE-2026-4867\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-37ch-88jc-xwx2\"\u003eGHSA-37ch-88jc-xwx2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/9fd0c879f232c2464591f56dd7c7edad7f45b4e0\"\u003e\u003ccode\u003e9fd0c87\u003c/code\u003e\u003c/a\u003e 0.1.13 (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/425\"\u003e#425\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/7ccf02cee33402f06ed2125085992ee9cd3a7c45\"\u003e\u003ccode\u003e7ccf02c\u003c/code\u003e\u003c/a\u003e fix: CVE-2026-4867\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/640e694c6fd971f78268439df9cf44040855e669\"\u003e\u003ccode\u003e640e694\u003c/code\u003e\u003c/a\u003e 0.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4\"\u003e\u003ccode\u003ef01c26a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/0c7119248b7cb528a0aea3ba45ed4e2db007cba4\"\u003e\u003ccode\u003e0c71192\u003c/code\u003e\u003c/a\u003e 0.1.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/8f095497d678c2ec3495a99ab3928748731e73ee\"\u003e\u003ccode\u003e8f09549\u003c/code\u003e\u003c/a\u003e Add error on bad input values\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/c827fcea751b2e9ec6ca68a1b95a82e438728868\"\u003e\u003ccode\u003ec827fce\u003c/code\u003e\u003c/a\u003e 0.1.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f\"\u003e\u003ccode\u003e29b96b4\u003c/code\u003e\u003c/a\u003e Add backtrack protection to parameters\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/ac4c2345622a10a09c7ec229e3c29740935d67d7\"\u003e\u003ccode\u003eac4c234\u003c/code\u003e\u003c/a\u003e Update repo url (\u003ca href=\"https://redirect.github.com/pillarjs/path-to-regexp/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/commit/bdb663527106d51f149b12f74fca1018c20c8a53\"\u003e\u003ccode\u003ebdb6635\u003c/code\u003e\u003c/a\u003e 0.1.9\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v.0.1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for path-to-regexp since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pbkdf2` from 3.1.2 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md\"\u003epbkdf2's changelog\u003c/a\u003e.\u003c/...\n\n_Description has been truncated_","html_url":"https://github.com/Eprince-hub/react-graphql-frontend-backend-lessons/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Eprince-hub%2Freact-graphql-frontend-backend-lessons/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.0.4","new_version":"1.0.7","update_type":"patch","path":null,"pr_created_at":"2026-06-10T00:48:17.000Z","version_change":"1.0.4 → 1.0.7","issue":{"uuid":"4626857064","node_id":"PR_kwDOCMNbws7kn_IR","number":1,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 15 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-10T00:48:17.000Z","updated_at":"2026-06-10T00:48:25.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":15,"packages":[{"name":"auth0-js","old_version":"9.0.0","new_version":"10.0.0","repository_url":"https://github.com/auth0/auth0.js"},{"name":"bootstrap","old_version":"3.3.7","new_version":"5.0.0","repository_url":"https://github.com/twbs/bootstrap"},{"name":"browserify-sign","old_version":"4.0.4","new_version":"4.2.6","repository_url":"https://github.com/crypto-browserify/browserify-sign"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"express","old_version":"4.15.3","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"handlebars","old_version":"4.0.10","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"lodash","old_version":"4.17.4","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"min-document","old_version":"2.19.0","new_version":"2.19.2","repository_url":"https://github.com/Raynos/min-document"},{"name":"sha.js","old_version":"2.4.8","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"},{"name":"tar","old_version":"2.2.1","new_version":"2.2.2","repository_url":"https://github.com/isaacs/node-tar"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 10 updates in the /05-Token-Renewal directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [auth0-js](https://github.com/auth0/auth0.js) | `9.0.0` | `10.0.0` |\n| [bootstrap](https://github.com/twbs/bootstrap) | `3.3.7` | `5.0.0` |\n| [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.6` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [express](https://github.com/expressjs/express) | `4.15.3` | `4.22.2` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.0.10` | `4.7.9` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.4` | `4.18.1` |\n| [min-document](https://github.com/Raynos/min-document) | `2.19.0` | `2.19.2` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.8` | `2.4.12` |\n| [tar](https://github.com/isaacs/node-tar) | `2.2.1` | `2.2.2` |\n\n\nUpdates `auth0-js` from 9.0.0 to 10.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/auth0/auth0.js/releases\"\u003eauth0-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.0.0\u003c/h2\u003e\n\u003cp\u003eThis fixes the release failure (\u003ca href=\"https://redirect.github.com/auth0/auth0.js/issues/1631\"\u003e#1631\u003c/a\u003e).\n\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix: Resolve CVE-2026-42280\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking change\u003c/strong\u003e\u003c/p\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eAffected\u003c/th\u003e\n\u003cth\u003eDetails\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003eApps using RS256\u003c/td\u003e\n\u003ctd\u003eNo breaking change\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eApps using HS256\u003c/td\u003e\n\u003ctd\u003e\u003ccode\u003eparseHash()\u003c/code\u003e now returns an \u003ccode\u003einvalid_token\u003c/code\u003e error instead of silently succeeding. Must switch to RS256 in the Auth0 Dashboard: Applications → your app → Settings → Advanced Settings → OAuth → JsonWebToken Signature Algorithm → \u003ccode\u003eRS256\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003ev9.32.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix: update \u003ccode\u003e@​auth0/component-cdn-uploader\u003c/code\u003e to version 2.5.0 \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1613\"\u003e#1613\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.31.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add Custom Token Exchange support \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1604\"\u003e#1604\u003c/a\u003e (\u003ca href=\"https://github.com/gyaneshgouraw-okta\"\u003egyaneshgouraw-okta\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.30.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: randomString function to handle invalid length \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1583\"\u003e#1583\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.30.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efeat: Improve error handling when login fails after signup \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1552\"\u003e#1552\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: convert mock files to ES module exports \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1563\"\u003e#1563\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.29.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: add null check for challenge in captcha rendering \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1541\"\u003e#1541\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.29.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003edocs(core): fix missing captcha param in signup method jsdoc \u003ca href=\"https://redirect.github.com/auth0/auth0.js/issues/1471\"\u003e#1471\u003c/a\u003e \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1522\"\u003e#1522\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat: add Claude Code PR Review workflow \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1517\"\u003e#1517\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd a Refresh Token example using MRRT \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1499\"\u003e#1499\u003c/a\u003e (\u003ca href=\"https://github.com/ivan-vazquez\"\u003eivan-vazquez\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd a Refresh Token example \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1488\"\u003e#1488\u003c/a\u003e (\u003ca href=\"https://github.com/ivan-vazquez\"\u003eivan-vazquez\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev9.28.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnsure done callback is correctly fired on captcha reload \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1469\"\u003e#1469\u003c/a\u003e (\u003ca href=\"https://github.com/srijonsaha\"\u003esrijonsaha\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/auth0/auth0.js/blob/master/CHANGELOG.md\"\u003eauth0-js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/auth0/auth0.js/tree/v10.0.0\"\u003ev10.0.0\u003c/a\u003e (2026-05-06)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/auth0/auth0.js/compare/v9.32.0...v10.0.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix: Resolve CVE-2026-42280\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking change\u003c/strong\u003e\u003c/p\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eAffected\u003c/th\u003e\n\u003cth\u003eDetails\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003eApps using RS256\u003c/td\u003e\n\u003ctd\u003eNo breaking change\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eApps using HS256\u003c/td\u003e\n\u003ctd\u003e\u003ccode\u003eparseHash()\u003c/code\u003e now returns an \u003ccode\u003einvalid_token\u003c/code\u003e error instead of silently succeeding. Must switch to RS256 in the Auth0 Dashboard: Applications → your app → Settings → Advanced Settings → OAuth → JsonWebToken Signature Algorithm → \u003ccode\u003eRS256\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/auth0/auth0.js/tree/v9.32.0\"\u003ev9.32.0\u003c/a\u003e (2026-03-25)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/auth0/auth0.js/compare/v9.31.0...v9.32.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/auth0/auth0.js/tree/v9.31.0\"\u003ev9.31.0\u003c/a\u003e (2026-03-16)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/auth0/auth0.js/compare/v9.30.1...v9.31.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add Custom Token Exchange support \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1604\"\u003e#1604\u003c/a\u003e (\u003ca href=\"https://github.com/gyaneshgouraw-okta\"\u003egyaneshgouraw-okta\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/auth0/auth0.js/tree/v9.30.1\"\u003ev9.30.1\u003c/a\u003e (2026-02-06)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/auth0/auth0.js/compare/v9.30.0...v9.30.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: randomString function to handle invalid length \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1583\"\u003e#1583\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/auth0/auth0.js/tree/v9.30.0\"\u003ev9.30.0\u003c/a\u003e (2026-01-09)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/auth0/auth0.js/compare/v9.29.1...v9.30.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efeat: Improve error handling when login fails after signup \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1552\"\u003e#1552\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: convert mock files to ES module exports \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1563\"\u003e#1563\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/auth0/auth0.js/tree/v9.29.1\"\u003ev9.29.1\u003c/a\u003e (2025-12-17)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/auth0/auth0.js/compare/v9.29.0...v9.29.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: add null check for challenge in captcha rendering \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1541\"\u003e#1541\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/auth0/auth0.js/tree/v9.29.0\"\u003ev9.29.0\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/auth0/auth0.js/compare/v9.28.0...v9.29.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003edocs(core): fix missing captcha param in signup method jsdoc \u003ca href=\"https://redirect.github.com/auth0/auth0.js/issues/1471\"\u003e#1471\u003c/a\u003e \u003ca href=\"https://redirect.github.com/auth0/auth0.js/pull/1522\"\u003e#1522\u003c/a\u003e (\u003ca href=\"https://github.com/amitsingh05667\"\u003eamitsingh05667\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/auth0.js/commit/5706408161535c9df05349c01dcd578139e280be\"\u003e\u003ccode\u003e5706408\u003c/code\u003e\u003c/a\u003e Release v10.0.0 (\u003ca href=\"https://redirect.github.com/auth0/auth0.js/issues/1639\"\u003e#1639\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/auth0.js/commit/7d0d1a78c1dc8d69480463fc621b22c018a29b0b\"\u003e\u003ccode\u003e7d0d1a7\u003c/code\u003e\u003c/a\u003e release 10.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/auth0.js/commit/51dde32aaede15adceb7dd2db909aa7b42bb6d10\"\u003e\u003ccode\u003e51dde32\u003c/code\u003e\u003c/a\u003e fix : Pining NPM version to 11.10.0 (\u003ca href=\"https://redirect.github.com/auth0/auth0.js/issues/1638\"\u003e#1638\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/auth0.js/commit/f87f9d3ca3d26079207b83b88af20eb1c2211560\"\u003e\u003ccode\u003ef87f9d3\u003c/code\u003e\u003c/a\u003e fix: revert NODE_VERSION to 22.22.2 in workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/auth0.js/commit/db1e15c1598fabdf531c59e42b319cf3cf142e6f\"\u003e\u003ccode\u003edb1e15c\u003c/code\u003e\u003c/a\u003e Merge branch 'fix/release10' of github.com:auth0/auth0.js into fix/release10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/auth0.js/commit/43e77b1a164a19955a281ec275abe2fa8b121570\"\u003e\u003ccode\u003e43e77b1\u003c/code\u003e\u003c/a\u003e fix: update Node.js version to 24 in workflows and npm publish action\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/auth0.js/commit/fee85333ea9ac2a5cf0d9c2409d32e5b3d0f549e\"\u003e\u003ccode\u003efee8533\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into fix/release10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/auth0.js/commit/15655246ac43b01f41eadee0c955a9ff3605b764\"\u003e\u003ccode\u003e1565524\u003c/code\u003e\u003c/a\u003e fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/auth0.js/commit/c5156ff6f0e06eb824df5ed2460c907d9b955faa\"\u003e\u003ccode\u003ec5156ff\u003c/code\u003e\u003c/a\u003e Release v10.0.0 (\u003ca href=\"https://redirect.github.com/auth0/auth0.js/issues/1637\"\u003e#1637\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/auth0/auth0.js/commit/8b9fd377880cf65f9f61ea67152870e6b912425f\"\u003e\u003ccode\u003e8b9fd37\u003c/code\u003e\u003c/a\u003e Release v10.0.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/auth0/auth0.js/compare/v9.0.0...v10.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for auth0-js since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bootstrap` from 3.3.7 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/twbs/bootstrap/releases\"\u003ebootstrap's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eHighlights\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32155\"\u003e#32155\u003c/a\u003e: Updated \u003ccode\u003emake-col()\u003c/code\u003e mixin to generate equal columns when no size is specified\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32763\"\u003e#32763\u003c/a\u003e: Added new \u003ccode\u003ecolor-scheme()\u003c/code\u003e mixin\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33389\"\u003e#33389\u003c/a\u003e: Dropdown menus now have option become clickable\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33453\"\u003e#33453\u003c/a\u003e: Added new docs footer\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33548\"\u003e#33548\u003c/a\u003e: Offcanvas header components are now vertically aligned\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33549\"\u003e#33549\u003c/a\u003e: Added offcanvas-top modifier\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33634\"\u003e#33634\u003c/a\u003e: Added support for \u003ccode\u003e.dropdown-item\u003c/code\u003es wrapped in \u003ccode\u003e\u0026lt;li\u0026gt;\u003c/code\u003es\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33626\"\u003e#33626\u003c/a\u003e: Fix v5 regressions in tab dropdown functionality\u003c/p\u003e\n\u003ch2\u003e🚀 Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32763\"\u003e#32763\u003c/a\u003e: Add \u003ccode\u003ecolor-scheme\u003c/code\u003e mixin\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33389\"\u003e#33389\u003c/a\u003e: Dropdown — Add option to make the dropdown menu clickable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33549\"\u003e#33549\u003c/a\u003e: Add offcanvas-top modifier\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🎨 CSS\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32155\"\u003e#32155\u003c/a\u003e: Add equal column mixin\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32763\"\u003e#32763\u003c/a\u003e: Add \u003ccode\u003ecolor-scheme\u003c/code\u003e mixin\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33292\"\u003e#33292\u003c/a\u003e: Make accordion icon rotation more natural\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33411\"\u003e#33411\u003c/a\u003e: Fix validation feedback icon in select multiple\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33478\"\u003e#33478\u003c/a\u003e: Make \u003ccode\u003e.nav-link\u003c/code\u003e color consistent when using buttons\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33482\"\u003e#33482\u003c/a\u003e: Dropdown — Apply positioning only when Popper is not used\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33548\"\u003e#33548\u003c/a\u003e: Vertically align offcanvas header components\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33549\"\u003e#33549\u003c/a\u003e: Add offcanvas-top modifier\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33550\"\u003e#33550\u003c/a\u003e: Spinner alignment changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33598\"\u003e#33598\u003c/a\u003e: Hide validation icons from multiple selects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33600\"\u003e#33600\u003c/a\u003e: Have $form-check-input-border's default derive from $black\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33607\"\u003e#33607\u003c/a\u003e: Reduce color-scheme complexity\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33642\"\u003e#33642\u003c/a\u003e: use \u003ccode\u003e:read-only\u003c/code\u003e css selector instead \u003ccode\u003e[readonly]\u003c/code\u003e for consistency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33658\"\u003e#33658\u003c/a\u003e: fix: use list-group variable instead of alert\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33736\"\u003e#33736\u003c/a\u003e: accordion: fix \u003ccode\u003eborder-top\u003c/code\u003e on Firefox\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e☕️ JavaScript\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32439\"\u003e#32439\u003c/a\u003e: Decouple BackDrop from modal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33245\"\u003e#33245\u003c/a\u003e: Decouple Modal's scrollbar functionality\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33249\"\u003e#33249\u003c/a\u003e: Simplify Modal Config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33250\"\u003e#33250\u003c/a\u003e: Simplify ScrollSpy config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33310\"\u003e#33310\u003c/a\u003e: fix: make EventHandler better handle mouseenter/mouseleave events\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33389\"\u003e#33389\u003c/a\u003e: Dropdown — Add option to make the dropdown menu clickable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33429\"\u003e#33429\u003c/a\u003e: Remove element event listeners through base component\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33451\"\u003e#33451\u003c/a\u003e: Add missing things in \u003ccode\u003ehide\u003c/code\u003e method of dropdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33456\"\u003e#33456\u003c/a\u003e: Use our \u003ccode\u003eisDisabled\u003c/code\u003e util on dropdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33466\"\u003e#33466\u003c/a\u003e: Refactor dropdown's hide functionality\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33479\"\u003e#33479\u003c/a\u003e: Fix dropdown escape propagation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33496\"\u003e#33496\u003c/a\u003e:  Use cached \u003ccode\u003enoop\u003c/code\u003e function\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/bf0936748602c8109fd916c64b4560799fa1c3f8\"\u003e\u003ccode\u003ebf09367\u003c/code\u003e\u003c/a\u003e Release v5.0.0 (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33647\"\u003e#33647\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/48ae5a7149d30d7d80cecbaaabaa88f7679c9172\"\u003e\u003ccode\u003e48ae5a7\u003c/code\u003e\u003c/a\u003e Rewrite migration guide (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33834\"\u003e#33834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/f0865727b7d5f274a818510219e024d227affe11\"\u003e\u003ccode\u003ef086572\u003c/code\u003e\u003c/a\u003e refactor(docs): Added form file input variables (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33833\"\u003e#33833\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/1a54286befabfb8c18de420df4d7074ab7eb77b3\"\u003e\u003ccode\u003e1a54286\u003c/code\u003e\u003c/a\u003e Fix doc typo and Bootstrap Icons link (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33832\"\u003e#33832\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/e2df73fa9a2062ed5489a1bd80b9d0ddbf211a53\"\u003e\u003ccode\u003ee2df73f\u003c/code\u003e\u003c/a\u003e Update migration guide for some v5 changes (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33829\"\u003e#33829\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/1e6356ab43df6ca3e0c05499a4d690235fbd6fc7\"\u003e\u003ccode\u003e1e6356a\u003c/code\u003e\u003c/a\u003e Neutralise more words from placeholder text (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33731\"\u003e#33731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/6633845901672cb642c0975e6fea3d1a1fa20058\"\u003e\u003ccode\u003e6633845\u003c/code\u003e\u003c/a\u003e Bump eslint-config-xo from 0.35.0 to 0.36.0 (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33646\"\u003e#33646\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/cb38744cf79b347ec2a32e0dcfe5c42402dc15ea\"\u003e\u003ccode\u003ecb38744\u003c/code\u003e\u003c/a\u003e Tweak toast docs (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33810\"\u003e#33810\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/c2ff22532e9f05d98b8db7c0b179d252387e77a3\"\u003e\u003ccode\u003ec2ff225\u003c/code\u003e\u003c/a\u003e Bump rollup from 2.46.0 to 2.47.0 (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33818\"\u003e#33818\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/c090ea2f4fbdc12e37def7c3bf9eb4c96c804d34\"\u003e\u003ccode\u003ec090ea2\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​babel/preset-env\u003c/code\u003e from 7.14.0 to 7.14.1 (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33819\"\u003e#33819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/twbs/bootstrap/compare/v3.3.7...v5.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~mdo\"\u003emdo\u003c/a\u003e, a new releaser for bootstrap since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `browserify-sign` from 4.0.4 to 4.2.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md\"\u003ebrowserify-sign's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.5...v4.2.6\"\u003ev4.2.6\u003c/a\u003e - 2026-05-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] increase coverage \u003ca href=\"https://github.com/browserify/browserify-sign/commit/6f06a33bd0fe2026a7bbd29615247eef8857a3be\"\u003e\u003ccode\u003e6f06a33\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] sign/verify generic SHA algorithms with RSA keys \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d2a3f56849f6144fa401747f3a7d4ba50b2f6375\"\u003e\u003ccode\u003ed2a3f56\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/59163472512ff1dd7364e306c2f84c9612713e59\"\u003e\u003ccode\u003e5916347\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/fb4be1da89c096a702db2516ee7a316efb84f90f\"\u003e\u003ccode\u003efb4be1d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ebn.js\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/da150041ced8bdf06d1115c6f9443bac066dd6ee\"\u003e\u003ccode\u003eda15004\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] set audit-level to make posttest happy \u003ca href=\"https://github.com/browserify/browserify-sign/commit/224dffe2ff5d2e4bed83f360aab4ada951a66544\"\u003e\u003ccode\u003e224dffe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.4...v4.2.5\"\u003ev4.2.5\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] clean up tests and convert console info skips to tape skips \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37b083c602fb6fcd99e0856cba8859dc6f073f3c\"\u003e\u003ccode\u003e37b083c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] restore node 0.10 support \u003ca href=\"https://github.com/browserify/browserify-sign/commit/faade86fe051fc0fb1b59e3694a566116e1e79a7\"\u003e\u003ccode\u003efaade86\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5a0f159e1d32b5c1088a75dceb301afaf40446f9\"\u003e\u003ccode\u003e5a0f159\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] drop unsupported nodes from CI \u003ca href=\"https://github.com/browserify/browserify-sign/commit/106be97da87f296f187c44b9ee857384153b5068\"\u003e\u003ccode\u003e106be97\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.3...v4.2.4\"\u003ev4.2.4\u003c/a\u003e - 2025-09-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[actions] split out node 10-20, and 20+ \u003ca href=\"https://github.com/browserify/browserify-sign/commit/17920d944f04efee7ae2212e4339485ba306b723\"\u003e\u003ccode\u003e17920d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove \u003ccode\u003efiles\u003c/code\u003e field \u003ca href=\"https://github.com/browserify/browserify-sign/commit/6d5b280e0496201ba022874c864b0046a74eb45e\"\u003e\u003ccode\u003e6d5b280\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ebn.js\u003c/code\u003e, \u003ccode\u003ebrowserify-rsa\u003c/code\u003e, \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/31be0c2459e1aad5158f72576c057603bf8527b6\"\u003e\u003ccode\u003e31be0c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003esemver\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5f6698211aa1d6dddaba8c245f40f63ae28924a3\"\u003e\u003ccode\u003e5f66982\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] replace \u003ccode\u003eaud\u003c/code\u003e with \u003ccode\u003enpm audit\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d44b24d8691d699ccc76780b106fe9c1bf0d1558\"\u003e\u003ccode\u003ed44b24d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/browserify-sign/commit/ab975f4845ea5c931df037e7f0df60f045335ae7\"\u003e\u003ccode\u003eab975f4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] revert 9e2bf12, now that v3.1.1 is out \u003ca href=\"https://github.com/browserify/browserify-sign/commit/428cf7f3f0d09f1b39312e5e51620ca684b5c1ac\"\u003e\u003ccode\u003e428cf7f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.2...v4.2.3\"\u003ev4.2.3\u003c/a\u003e - 2024-03-05\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[patch] widen support to 0.12 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9247adfd261ededfec1c036c9d8f36c4e9f87c0e\"\u003e\u003ccode\u003e9247adf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[patch] drop minimum node support to v1 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/4d0ee49ae2dc238b877dce9aed7e23fb4cb5088d\"\u003e\u003ccode\u003e4d0ee49\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eaud\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/87f3a35a587b377da2c1987af8d41c57b5afe0a5\"\u003e\u003ccode\u003e87f3a35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] remove redundant finisher \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37a475856843b7d1b2403fdafac0024ba252e579\"\u003e\u003ccode\u003e37a4758\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003ehash-base\u003c/code\u003e to ~3.0, due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9e2bf122b70970cb92f69d53e963f18299f14d66\"\u003e\u003ccode\u003e9e2bf12\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1 [\u003c/code\u003ef427270`](\u003ca href=\"https://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\"\u003ehttps://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/fb261cea57f92b3d98bc4d8bc6228c43a5de2e91\"\u003e\u003ccode\u003efb261ce\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003eelliptic\u003c/code\u003e due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/168e16fcb54886a0281b0c983e1482a097042684\"\u003e\u003ccode\u003e168e16f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.1...v4.2.2\"\u003ev4.2.2\u003c/a\u003e - 2023-10-25\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] log when openssl doesn't support cipher \u003ca href=\"https://redirect.github.com/browserify/browserify-sign/issues/37\"\u003e\u003ccode\u003e[#37](https://github.com/crypto-browserify/browserify-sign/issues/37)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/342573865d9792300f40ebda912d38295a3d19f1\"\u003e\u003ccode\u003e3425738\u003c/code\u003e\u003c/a\u003e v4.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/fb4be1da89c096a702db2516ee7a316efb84f90f\"\u003e\u003ccode\u003efb4be1d\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/d2a3f56849f6144fa401747f3a7d4ba50b2f6375\"\u003e\u003ccode\u003ed2a3f56\u003c/code\u003e\u003c/a\u003e [Fix] sign/verify generic SHA algorithms with RSA keys\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/224dffe2ff5d2e4bed83f360aab4ada951a66544\"\u003e\u003ccode\u003e224dffe\u003c/code\u003e\u003c/a\u003e [meta] set audit-level to make posttest happy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/da150041ced8bdf06d1115c6f9443bac066dd6ee\"\u003e\u003ccode\u003eda15004\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003ebn.js\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/59163472512ff1dd7364e306c2f84c9612713e59\"\u003e\u003ccode\u003e5916347\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/6f06a33bd0fe2026a7bbd29615247eef8857a3be\"\u003e\u003ccode\u003e6f06a33\u003c/code\u003e\u003c/a\u003e [Tests] increase coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/d3a7458af692134219fce56a082068f678e12474\"\u003e\u003ccode\u003ed3a7458\u003c/code\u003e\u003c/a\u003e v4.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/37b083c602fb6fcd99e0856cba8859dc6f073f3c\"\u003e\u003ccode\u003e37b083c\u003c/code\u003e\u003c/a\u003e [Tests] clean up tests and convert console info skips to tape skips\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/faade86fe051fc0fb1b59e3694a566116e1e79a7\"\u003e\u003ccode\u003efaade86\u003c/code\u003e\u003c/a\u003e [Fix] restore node 0.10 support\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/browserify-sign/compare/v4.0.4...v4.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for browserify-sign since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cookiejar` from 2.1.1 to 2.1.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/bmeck/node-cookiejar/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `crypto-js` from 3.1.9-1 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brix/crypto-js/commit/808f499ec789fcd68416328a40b8735a5c962116\"\u003e\u003ccode\u003e808f499\u003c/code\u003e\u003c/a\u003e Merge branch 'release/4.2.0'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brix/crypto-js/commit/d5af3ae4130f63342e5623a22f225c612a32e34a\"\u003e\u003ccode\u003ed5af3ae\u003c/code\u003e\u003c/a\u003e Update release notes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brix/crypto-js/commit/9496e07c9a727f54e98942e86dd931d27558ea02\"\u003e\u003ccode\u003e9496e07\u003c/code\u003e\u003c/a\u003e Bump version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brix/crypto-js/commit/421dd538b2d34e7c24a5b72cc64dc2b9167db40a\"\u003e\u003ccode\u003e421dd53\u003c/code\u003e\u003c/a\u003e Change default hash algorithm and iteration's for PBKDF2 to prevent weak secu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brix/crypto-js/commit/d1f4f4daec4f053be3eea4f6233d1d05ccec22fa\"\u003e\u003ccode\u003ed1f4f4d\u003c/code\u003e\u003c/a\u003e Update grunt.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brix/crypto-js/commit/c7552897a45df2a32a595b7708addbe865a8b64d\"\u003e\u003ccode\u003ec755289\u003c/code\u003e\u003c/a\u003e Discontinued\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brix/crypto-js/commit/1da3dabf93f0a0435c47627d6f171ad25f452012\"\u003e\u003ccode\u003e1da3dab\u003c/code\u003e\u003c/a\u003e Discontinued\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brix/crypto-js/commit/4dcaa7afd08f48cd285463b8f9499cdb242605fa\"\u003e\u003ccode\u003e4dcaa7a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/brix/crypto-js/issues/380\"\u003e#380\u003c/a\u003e from Alanscut/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brix/crypto-js/commit/762feb23a59f5db565b1e9c7ffbe7476264b755f\"\u003e\u003ccode\u003e762feb2\u003c/code\u003e\u003c/a\u003e chore: rename BF to Blowfish\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/brix/crypto-js/commit/fb81418583004d903fbc63190be21e460a52521b\"\u003e\u003ccode\u003efb81418\u003c/code\u003e\u003c/a\u003e feat: blowfish support\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/brix/crypto-js/compare/3.1.9-1...4.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.15.3 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.15.3...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.0.10 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md\"\u003ehandlebars's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9 - March 26th, 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8 - July 27th, 2023\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.7 - February 15th, 2021\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix weird error in integration tests - eb860c0\u003c/li\u003e\n\u003cli\u003efix: check prototype property access in strict-mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1736\"\u003e#1736\u003c/a\u003e) - b6d3de7\u003c/li\u003e\n\u003cli\u003efix: escape property names in compat mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1736\"\u003e#1736\u003c/a\u003e) - f058970\u003c/li\u003e\n\u003cli\u003erefactor: In spec tests, use expectTemplate over equals and shouldThrow (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1683\"\u003e#1683\u003c/a\u003e) - 77825f8\u003c/li\u003e\n\u003cli\u003echore: start testing on Node.js 12 and 13 - 3789a30\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e(POSSIBLY) BREAKING CHANGES:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ethe changes from version \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md#v460---january-8th-2020\"\u003e4.6.0\u003c/a\u003e now also apply\nin when using the compile-option \u0026quot;strict: true\u0026quot;. Access to prototype properties is forbidden completely by default, specific properties or methods\ncan be allowed via runtime-options. See \u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1633\"\u003e#1633\u003c/a\u003e for details. If you are using Handlebars as documented, you should not be accessing prototype properties\nfrom your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThat is why we only bump the patch version despite mentioning breaking changes.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/wycats/handlebars.js/compare/v4.7.6...v4.7.7\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.6 - April 3rd, 2020\u003c/h2\u003e\n\u003cp\u003eChore/Housekeeping:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/wycats/handlebars.js/issues/1672\"\u003e#1672\u003c/a\u003e - Switch cmd parser to latest minimist (\u003ca href=\"https://api.github.com/users/dougwilson\"\u003e\u003ccode\u003e@​dougwilson\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCompatibility notes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestored Node.js compatibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/dce542c9a660048d31f0981ac8a45c08b919bddb\"\u003e\u003ccode\u003edce542c\u003c/code\u003e\u003c/a\u003e v4.7.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8a41389ba5b2624b6f43a5463d8e2533b843a562\"\u003e\u003ccode\u003e8a41389\u003c/code\u003e\u003c/a\u003e Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2\"\u003e\u003ccode\u003e68d8df5\u003c/code\u003e\u003c/a\u003e Fix security issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/b2a083136b11e1da9f0f47a11f749a9830a49328\"\u003e\u003ccode\u003eb2a0831\u003c/code\u003e\u003c/a\u003e Fix browser tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/9f98c1629834abf8de5a127caff8a2eab03d2c12\"\u003e\u003ccode\u003e9f98c16\u003c/code\u003e\u003c/a\u003e Fix release script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/45443b4290475dfb7cec32a85d344f12ab345eb9\"\u003e\u003ccode\u003e45443b4\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Improve partial indenting performance\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8841a5f6d35096aee95d68e1e49636a4cb5c661e\"\u003e\u003ccode\u003e8841a5f\u003c/code\u003e\u003c/a\u003e Fix CI errors with linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e0137c26f2202593bca7cc25184e733e87d54709\"\u003e\u003ccode\u003ee0137c2\u003c/code\u003e\u003c/a\u003e fix: enable shell mode for spawn to resolve Windows EINVAL issue\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e914d6037ffb0dd371f7e4823cdb019732ae66d7\"\u003e\u003ccode\u003ee914d60\u003c/code\u003e\u003c/a\u003e Improve rendering performance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/7de4b41c344a5d702edca93d1841b59642fa32bd\"\u003e\u003ccode\u003e7de4b41\u003c/code\u003e\u003c/a\u003e Upgrade GitHub Actions checkout and setup-node on 4.x branch\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.0.10...v4.7.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jaylinski\"\u003ejaylinski\u003c/a\u003e, a new releaser for handlebars since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.4 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.4...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `min-document` from 2.19.0 to 2.19.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/0d14150640e4dd159e092eb551b3aca8f3378991\"\u003e\u003ccode\u003e0d14150\u003c/code\u003e\u003c/a\u003e 2.19.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/49c2e0607bece7a041b8935bfb044ce6b65777d8\"\u003e\u003ccode\u003e49c2e06\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Raynos/min-document/issues/56\"\u003e#56\u003c/a\u003e from wasabina67/fix/prototype-pollution-removeAttribut...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/966646172d9063f880aeaf79882edfc3a0ceaca4\"\u003e\u003ccode\u003e9666461\u003c/code\u003e\u003c/a\u003e Fix prototype pollution vulnerability in removeAttributeNS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/4490b40cbb19feb26b09f217690a0969d1a89d51\"\u003e\u003ccode\u003e4490b40\u003c/code\u003e\u003c/a\u003e 2.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/2cd587153733d3346365df6033067f64f07690f5\"\u003e\u003ccode\u003e2cd5871\u003c/code\u003e\u003c/a\u003e update ignore\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/fe32e8da464cef622528725f647029a8fd7d95a6\"\u003e\u003ccode\u003efe32e8d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Raynos/min-document/issues/55\"\u003e#55\u003c/a\u003e from jameswassink/fix/prototype-pollution-removeAttrib...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/6c5f31aa57e2122fcedd4c7eae58b82f477e09f5\"\u003e\u003ccode\u003e6c5f31a\u003c/code\u003e\u003c/a\u003e Better prototype pollution fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/0d4e8192ef723fb869645256102a56ed922efd68\"\u003e\u003ccode\u003e0d4e819\u003c/code\u003e\u003c/a\u003e Fix prototype pollution in removeAttributeNS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/bf7b69130a364b5c6fcb8e623bffe43054994c65\"\u003e\u003ccode\u003ebf7b691\u003c/code\u003e\u003c/a\u003e Update package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/1b5402dcd5df3bf2575e71d463baa44dc2c05571\"\u003e\u003ccode\u003e1b5402d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Raynos/min-document/issues/49\"\u003e#49\u003c/a\u003e from PixnBits/patch-1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Raynos/min-document/compare/v2.19.0...v2.19.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `path-to-regexp` from 0.1.7 to 0.1.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/path-to-regexp/releases\"\u003epath-to-regexp's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.1.13\u003c/h2\u003e\n\u003ch2\u003eImportant\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-4867\"\u003eCVE-2026-4867\u003c/a\u003e (\u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-37ch-88jc-xwx2\"\u003eGHSA-37ch-88jc-xwx2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.12...v.0.1.13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eFix backtracking (again)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImproved backtracking protection for 0.1.x, will break some previously valid paths (see previous advisory: \u003ca href=\"https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j\"\u003ehttps://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.11...v0.1.12\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.11...v0.1.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eError on bad input\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eChanged\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd error on bad input values  8f09549\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pillarjs/path-to-regexp/compare/v0.1.10...v0.1.11\"\u003ehttps://github.com/pillarjs/path-to-regexp/compare/v0.1.10...v0.1.11\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eBacktrack protection\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd backtrack protection to parameters  29b96b4\n\u003cul\u003e\n\u003cli\u003eThis will break some edge cases but should improve performance\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"h...\n\n_Description has been truncated_","html_url":"https://github.com/lisaross/auth0-react-samples/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/lisaross%2Fauth0-react-samples/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.0.4","new_version":"1.0.7","update_type":"patch","path":null,"pr_created_at":"2026-06-05T12:23:28.000Z","version_change":"1.0.4 → 1.0.7","issue":{"uuid":"4596863856","node_id":"PR_kwDOQj2LP87jGF7G","number":1,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 16 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-05T12:23:28.000Z","updated_at":"2026-06-05T12:28:13.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":16,"packages":[{"name":"axios","old_version":"0.18.0","new_version":"0.32.0","repository_url":"https://github.com/axios/axios"},{"name":"express","old_version":"4.16.4","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"lodash","old_version":"4.17.11","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"nodemailer","old_version":"4.7.0","new_version":"8.0.5","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"webpack-dev-server","old_version":"3.1.14","new_version":"5.2.4","repository_url":"https://github.com/webpack/webpack-dev-server"},{"name":"base-x","old_version":"3.0.4","new_version":"3.0.11","repository_url":"https://github.com/cryptocoinjs/base-x"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.15","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"handlebars","old_version":"4.0.5","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"on-headers","old_version":"1.0.1","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"pbkdf2","old_version":"3.0.17","new_version":"3.1.6","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"tar-fs","old_version":"1.16.3","new_version":"1.16.6","repository_url":"https://github.com/mafintosh/tar-fs"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 12 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.18.0` | `0.32.0` |\n| [express](https://github.com/expressjs/express) | `4.16.4` | `4.22.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.11` | `4.18.1` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `4.7.0` | `8.0.5` |\n| [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `3.1.14` | `5.2.4` |\n| [base-x](https://github.com/cryptocoinjs/base-x) | `3.0.4` | `3.0.11` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.15` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.0.5` | `4.7.9` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.1` | `1.1.0` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.0.17` | `3.1.6` |\n| [tar-fs](https://github.com/mafintosh/tar-fs) | `1.16.3` | `1.16.6` |\n\n\nUpdates `axios` from 0.18.0 to 0.32.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.32.0 — May 4, 2026\u003c/h2\u003e\n\u003cp\u003eThis release backports a comprehensive set of security and hardening fixes from the v1.x branch into v0.x, covering prototype-pollution protections, default error redaction, stricter proxy/cookie/socket handling, and one breaking change to merged config and header object prototypes.\u003c/p\u003e\n\u003ch2\u003e⚠️ Breaking Changes \u0026amp; Deprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNull-prototype merged objects: mergeConfig and header merging now return objects with a null prototype to block prototype-pollution gadgets. Consumers must use Object.prototype.hasOwnProperty.call(obj, key) and avoid implicit string coercion against merged config or header objects. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefault error redaction: AxiosError.toJSON() now redacts sensitive keys by default to prevent credential leaks in logs. The behavior is configurable via config.redact, with defaults exposed on defaults.redact. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCookie \u0026amp; XSRF handling: Cookie names are read literally rather than via regex, and only own properties are respected when evaluating withXSRFToken. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProxy bypass IPv6 parity: NO_PROXY matching now handles canonical IPv4-mapped IPv6 forms such as ::ffff:127.0.0.1 and ::ffff:7f00:1. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNode http adapter hardening: Strips Proxy-Authorization when no proxy is in use and gates socketPath behind a new allowedSocketPaths allowlist (string or array, normalized) to reduce accidental Unix socket exposure. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBrowser xhr adapter: Stricter own-property checks when reading config and headers. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eURL parameters: AxiosURLSearchParams keeps %00 encoded and applies consistent encoding throughout. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePublic type surface: Adds formDataHeaderPolicy, redact, and allowedSocketPaths to the TypeScript declarations alongside their runtime defaults. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepo hygiene: Updates README.md and CHANGELOG.md, adds AGENTS.md, and refreshes the issue and PR templates. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.31.1...v0.32.0\"\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.31.1\u003c/h2\u003e\n\u003cp\u003eThis release backports a broad set of security hardenings from the v1 line — covering prototype-pollution defences, stream size enforcement, XSRF handling, URL null-byte encoding, and bounded FormData recursion — and drops committed \u003ccode\u003edist/\u003c/code\u003e artefacts along with Bower support.\u003c/p\u003e\n\u003ch2\u003e⚠️ Breaking Changes \u0026amp; Deprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBower \u0026amp; Committed \u003ccode\u003edist/\u003c/code\u003e Removed:\u003c/strong\u003e \u003ccode\u003edist/\u003c/code\u003e bundles are no longer committed to the repo, and \u003ccode\u003ebower.json\u003c/code\u003e plus the Grunt \u003ccode\u003epackage2bower\u003c/code\u003e task have been removed. CI still builds bundles before publish, so npm/yarn/pnpm consumers are unaffected; installs via Bower or directly from the git tree must migrate to npm or a CDN. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Header Merge (GHSA-6chq-wfr3-2hj9):\u003c/strong\u003e Tightened \u003ccode\u003eisFormData\u003c/code\u003e to reject plain/null-prototype objects and require \u003ccode\u003eappend\u003c/code\u003e, and guarded the Node HTTP adapter so \u003ccode\u003edata.getHeaders()\u003c/code\u003e is only merged when it is not inherited from \u003ccode\u003eObject.prototype\u003c/code\u003e. Blocks injected headers via polluted \u003ccode\u003egetHeaders\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Config Merging (GHSA-pf86-5x62-jrwf):\u003c/strong\u003e \u003ccode\u003emergeConfig\u003c/code\u003e, defaults resolution, and the HTTP adapter now uses own-property checks for \u003ccode\u003etransport\u003c/code\u003e, \u003ccode\u003eenv\u003c/code\u003e, \u003ccode\u003eBlob\u003c/code\u003e, \u003ccode\u003eformSerializer\u003c/code\u003e, and transforms arrays, and merged configs are returned as null-prototype objects. Prevents hijacking of the request flow through polluted prototypes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFormData / Params Recursion DoS:\u003c/strong\u003e Added a configurable \u003ccode\u003emaxDepth\u003c/code\u003e (default \u003ccode\u003e100\u003c/code\u003e, \u003ccode\u003eInfinity\u003c/code\u003e disables) to \u003ccode\u003etoFormData\u003c/code\u003e and params serialisation, throwing \u003ccode\u003eAxiosError\u003c/code\u003e with code \u003ccode\u003eERR_FORM_DATA_DEPTH_EXCEEDED\u003c/code\u003e when exceeded. Circular-reference detection is preserved. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eNull-Byte Injection in Query Strings:\u003c/strong\u003e Removed the unsafe \u003ccode\u003e%00\u003c/code\u003e → null-byte substitution from \u003ccode\u003eAxiosURLSearchParams.encode\u003c/code\u003e so \u003ccode\u003e%00\u003c/code\u003e is preserved as-is. Other encoding behaviour (including \u003ccode\u003e%20\u003c/code\u003e → \u003ccode\u003e+\u003c/code\u003e) unchanged. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eConsolidated v1 Security Backport:\u003c/strong\u003e Rolls up remaining v1 hardenings into \u003ccode\u003ev0.x\u003c/code\u003e: \u003ccode\u003emaxContentLength\u003c/code\u003e enforcement for \u003ccode\u003eresponseType: 'stream'\u003c/code\u003e via a guarded transform with deferred piping, \u003ccode\u003emaxBodyLength\u003c/code\u003e enforcement for streamed uploads on native \u003ccode\u003ehttp\u003c/code\u003e/\u003ccode\u003ehttps\u003c/code\u003e with \u003ccode\u003emaxRedirects: 0\u003c/code\u003e, and stricter \u003ccode\u003ewithXSRFToken\u003c/code\u003e handling so only own boolean \u003ccode\u003etrue\u003c/code\u003e enables cross-origin XSRF headers. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCODEOWNERS:\u003c/strong\u003e Added \u003ccode\u003e.github/CODEOWNERS\u003c/code\u003e with \u003ccode\u003e* @jasonsaayman\u003c/code\u003e to set a default reviewer for all paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.31.0...v0.31.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.31.0\u003c/h2\u003e\n\u003cp\u003eThis release backports security fixes from v1.x, hardens the CI/CD supply chain with OIDC publishing and \u003ccode\u003ezizmor\u003c/code\u003e scanning, resolves TypeScript typing issues in \u003ccode\u003eAxiosInstance\u003c/code\u003e, and fixes a performance regression in \u003ccode\u003eisEmptyObject()\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/8db2d44896849a21ed9721185b1034df24e1ba7b\"\u003e\u003ccode\u003e8db2d44\u003c/code\u003e\u003c/a\u003e chore: bump version to v0.32.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10840\"\u003e#10840\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2af6116a957b1dd1b32056181326da8a5540d3bc\"\u003e\u003ccode\u003e2af6116\u003c/code\u003e\u003c/a\u003e chore: backport fixes from the v1x branch (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a589dc525af12e0fabef7d6e5be028ad433eee31\"\u003e\u003ccode\u003ea589dc5\u003c/code\u003e\u003c/a\u003e chore: bump version to v0.31.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10766\"\u003e#10766\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b0c632f36a5ea2e73c9bdf3a54164a8ede925736\"\u003e\u003ccode\u003eb0c632f\u003c/code\u003e\u003c/a\u003e fix: backport security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b52187f4571b6b8663fed5904e3082ab30660364\"\u003e\u003ccode\u003eb52187f\u003c/code\u003e\u003c/a\u003e fix: harden config merging (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e3ddeb40f6a142a234925341151e2ca631a6de64\"\u003e\u003ccode\u003ee3ddeb4\u003c/code\u003e\u003c/a\u003e fix: header security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f4f2d76e25cc0f777e5416e2d76282ab873ef9dc\"\u003e\u003ccode\u003ef4f2d76\u003c/code\u003e\u003c/a\u003e chore: stop committing dist/ and remove bower (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1f2f64433e5be205d74471c78c2721909282b9c0\"\u003e\u003ccode\u003e1f2f644\u003c/code\u003e\u003c/a\u003e chore: add CODEOWNERS (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44bca902e1bdd7dd6490c7b4985b63e729b0e634\"\u003e\u003ccode\u003e44bca90\u003c/code\u003e\u003c/a\u003e fix: improve regex in AxiosURLSearchParams (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4c4f07fabdb005f5430bab797f12b55e2ed5fb33\"\u003e\u003ccode\u003e4c4f07f\u003c/code\u003e\u003c/a\u003e fix: form data recursion (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.18.0...v0.32.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.16.4 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.16.4...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.11 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.11...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nodemailer` from 4.7.0 to 8.0.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/releases\"\u003enodemailer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.5\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.4...v8.0.5\"\u003e8.0.5\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edecode SMTP server responses as UTF-8 at line boundary (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e95876b1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esanitize CRLF in transport name option to prevent SMTP command injection (GHSA-vvjj-xcjg-gr5g) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e0a43876\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.4\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4\"\u003e8.0.4\u003c/a\u003e (2026-03-25)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esanitize envelope size to prevent SMTP command injection (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e2d7b971\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.3\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.2...v8.0.3\"\u003e8.0.3\u003c/a\u003e (2026-03-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up addressparser and fix group name fallback producing undefined (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/9d55877f8ed15a6aefd7ba76cbb6b6a6cdbcc4fd\"\u003e9d55877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix cookie bugs, remove dead code, and improve hot-path efficiency (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003ee8c8b92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor smtp-connection for clarity and add Node.js 6 syntax compat test (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c5b48ea61c28eabf347972f4198a12cdab226ff7\"\u003ec5b48ea\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove familySupportCache that broke DNS resolution tests (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003ec803d90\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.1...v8.0.2\"\u003e8.0.2\u003c/a\u003e (2026-03-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emerge fragmented display names with unquoted commas in addressparser (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/fe27f7fd57f7587d897274438da2f628ad0ad7d9\"\u003efe27f7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.0...v8.0.1\"\u003e8.0.1\u003c/a\u003e (2026-02-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/7f8dde41438c66b8311e888fa5f8c518fcaba6f1\"\u003e7f8dde4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/381f628d55e62bb3131bd2a452fa1ce00bc48aea\"\u003e381f628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Gmail Workspace service configuration (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1787\"\u003e#1787\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/dc97ede417b3030b311771541b1f17f5ca76bcbf\"\u003edc97ede\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev8.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v7.0.13...v8.0.0\"\u003e8.0.0\u003c/a\u003e (2026-02-04)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md\"\u003enodemailer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.4...v8.0.5\"\u003e8.0.5\u003c/a\u003e (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edecode SMTP server responses as UTF-8 at line boundary (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e95876b1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esanitize CRLF in transport name option to prevent SMTP command injection (GHSA-vvjj-xcjg-gr5g) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e0a43876\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4\"\u003e8.0.4\u003c/a\u003e (2026-03-25)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esanitize envelope size to prevent SMTP command injection (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e2d7b971\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.2...v8.0.3\"\u003e8.0.3\u003c/a\u003e (2026-03-18)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eclean up addressparser and fix group name fallback producing undefined (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/9d55877f8ed15a6aefd7ba76cbb6b6a6cdbcc4fd\"\u003e9d55877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix cookie bugs, remove dead code, and improve hot-path efficiency (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003ee8c8b92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erefactor smtp-connection for clarity and add Node.js 6 syntax compat test (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c5b48ea61c28eabf347972f4198a12cdab226ff7\"\u003ec5b48ea\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove familySupportCache that broke DNS resolution tests (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003ec803d90\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.1...v8.0.2\"\u003e8.0.2\u003c/a\u003e (2026-03-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emerge fragmented display names with unquoted commas in addressparser (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/fe27f7fd57f7587d897274438da2f628ad0ad7d9\"\u003efe27f7f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.0...v8.0.1\"\u003e8.0.1\u003c/a\u003e (2026-02-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/7f8dde41438c66b8311e888fa5f8c518fcaba6f1\"\u003e7f8dde4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eabsorb TLS errors during socket teardown (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/381f628d55e62bb3131bd2a452fa1ce00bc48aea\"\u003e381f628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Gmail Workspace service configuration (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1787\"\u003e#1787\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/dc97ede417b3030b311771541b1f17f5ca76bcbf\"\u003edc97ede\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v7.0.13...v8.0.0\"\u003e8.0.0\u003c/a\u003e (2026-02-04)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eError code 'NoAuth' renamed to 'ENOAUTH'\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/202cfb3e14010223204e9ba9f7430176be624f0f\"\u003e\u003ccode\u003e202cfb3\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.5 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1809\"\u003e#1809\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/b634abf05959edcc7207cdaba2c6541f92994cbb\"\u003e\u003ccode\u003eb634abf\u003c/code\u003e\u003c/a\u003e docs: add CLAUDE.md with project conventions and release process\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/95876b103e587e49583e43f88cb2c3a61556f3ac\"\u003e\u003ccode\u003e95876b1\u003c/code\u003e\u003c/a\u003e fix: decode SMTP server responses as UTF-8 at line boundary\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e\"\u003e\u003ccode\u003e0a43876\u003c/code\u003e\u003c/a\u003e fix: sanitize CRLF in transport name option to prevent SMTP command injection...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/08e59e64d0f8595fa535f07061787e0946372657\"\u003e\u003ccode\u003e08e59e6\u003c/code\u003e\u003c/a\u003e chore: update dev dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d319753c34d2f0ced24d8eb1d7d866d965f59f4\"\u003e\u003ccode\u003e2d31975\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.4 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1806\"\u003e#1806\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651\"\u003e\u003ccode\u003e2d7b971\u003c/code\u003e\u003c/a\u003e fix: sanitize envelope size to prevent SMTP command injection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/4e702e97650aaff442a7bc040957ba9c53c614b8\"\u003e\u003ccode\u003e4e702e9\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.3 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1804\"\u003e#1804\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/c803d901f195a21edbb2c276b2e116564467aaaa\"\u003e\u003ccode\u003ec803d90\u003c/code\u003e\u003c/a\u003e fix: remove familySupportCache that broke DNS resolution tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/e8c8b92f46f2a82d06d49cc9a6ffc26067f68524\"\u003e\u003ccode\u003ee8c8b92\u003c/code\u003e\u003c/a\u003e fix: fix cookie bugs, remove dead code, and improve hot-path efficiency\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v4.7.0...v8.0.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for nodemailer since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `webpack-dev-server` from 3.1.14 to 5.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack-dev-server/releases\"\u003ewebpack-dev-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.2.4\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.3...v5.2.4\"\u003e5.2.4\u003c/a\u003e (2026-05-11)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eset Cross-Origin-Resource-Policy header to prevent source code theft over HTTP\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.3\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.2...v5.2.3\"\u003e5.2.3\u003c/a\u003e (2026-01-12)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003ecause\u003c/code\u003e for \u003ccode\u003eerrorObject\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5518\"\u003e#5518\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/37b033da2c48335178495a1987c469a26ef3de60\"\u003e37b033d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ecompatibility with event target and universal target and lazy compilation  (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/574026c44b9c51f0bbd2f5a2836c54607289a071\"\u003e574026c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eoverlay:\u003c/strong\u003e add ESC key to dismiss overlay (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5598\"\u003e#5598\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/f91baa8831e061e2998849966b8002b40b83fb07\"\u003ef91baa8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eprogress indicator styles (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5557\"\u003e#5557\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/41a53a1accdb0a90785d82cbe8a079794eeed3c8\"\u003e41a53a1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade selfsigned to v5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.2\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.1...v5.2.2\"\u003e5.2.2\u003c/a\u003e (2025-06-03)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u0026quot;Overlay enabled\u0026quot; false positive (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/18e72ee3e57a6e7598a6c068c0ff7c7bb6a857f1\"\u003e18e72ee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not crush when error is null for runtime errors (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5447\"\u003e#5447\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/309991f947baa0354140b9930a9654ac792e20c4\"\u003e309991f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove unnecessary header \u003ccode\u003eX_TEST\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5451\"\u003e#5451\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/64a6124bf1b4d158bb42a4341dd03121ae3759fa\"\u003e64a6124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erespect the \u003ccode\u003eallowedHosts\u003c/code\u003e option for cross-origin header check (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5510\"\u003e#5510\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/03d12141bf7be09dfb14e91e5c834ee63bd9a9a2\"\u003e03d1214\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.0...v6.0.0\"\u003e5.2.1\u003c/a\u003e (2025-03-26)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecross-origin requests are not allowed unless allowed by \u003ccode\u003eAccess-Control-Allow-Origin\u003c/code\u003e header\u003c/li\u003e\n\u003cli\u003erequests with an IP addresses in the \u003ccode\u003eOrigin\u003c/code\u003e header are not allowed to connect to WebSocket server unless configured by \u003ccode\u003eallowedHosts\u003c/code\u003e or it different from the \u003ccode\u003eHost\u003c/code\u003e header\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThe above changes may make the dev server not work if you relied on such behavior, but unfortunately they carry security risks, so they were considered as fixes.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprevent overlay for errors caught by React error boundaries (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5431\"\u003e#5431\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/8c1abc903ab444d9ce99e567b9a6c603e1ec06be\"\u003e8c1abc9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003etake the first network found instead of the last one, this restores the same behavior as 5.0.4 (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5411\"\u003e#5411\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/ffd0b86b790d372f90e17aea92cfd9def83fee96\"\u003effd0b86\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.1.0...v5.2.0\"\u003e5.2.0\u003c/a\u003e (2024-12-11)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/webpack-dev-server/blob/main/CHANGELOG.md\"\u003ewebpack-dev-server's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.3...v5.2.4\"\u003e5.2.4\u003c/a\u003e (2026-05-11)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eset Cross-Origin-Resource-Policy header to prevent source code theft over HTTP\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.2...v5.2.3\"\u003e5.2.3\u003c/a\u003e (2026-01-12)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003ecause\u003c/code\u003e for \u003ccode\u003eerrorObject\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5518\"\u003e#5518\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/37b033da2c48335178495a1987c469a26ef3de60\"\u003e37b033d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ecompatibility with event target and universal target and lazy compilation  (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/574026c44b9c51f0bbd2f5a2836c54607289a071\"\u003e574026c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eoverlay:\u003c/strong\u003e add ESC key to dismiss overlay (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5598\"\u003e#5598\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/f91baa8831e061e2998849966b8002b40b83fb07\"\u003ef91baa8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eprogress indicator styles (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5557\"\u003e#5557\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/41a53a1accdb0a90785d82cbe8a079794eeed3c8\"\u003e41a53a1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade selfsigned to v5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.1...v5.2.2\"\u003e5.2.2\u003c/a\u003e (2025-06-03)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u0026quot;Overlay enabled\u0026quot; false positive (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/18e72ee3e57a6e7598a6c068c0ff7c7bb6a857f1\"\u003e18e72ee\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edo not crush when error is null for runtime errors (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5447\"\u003e#5447\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/309991f947baa0354140b9930a9654ac792e20c4\"\u003e309991f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove unnecessary header \u003ccode\u003eX_TEST\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5451\"\u003e#5451\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/64a6124bf1b4d158bb42a4341dd03121ae3759fa\"\u003e64a6124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erespect the \u003ccode\u003eallowedHosts\u003c/code\u003e option for cross-origin header check (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5510\"\u003e#5510\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/03d12141bf7be09dfb14e91e5c834ee63bd9a9a2\"\u003e03d1214\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.2.0...v6.0.0\"\u003e5.2.1\u003c/a\u003e (2025-03-26)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecross-origin requests are not allowed unless allowed by \u003ccode\u003eAccess-Control-Allow-Origin\u003c/code\u003e header\u003c/li\u003e\n\u003cli\u003erequests with an IP addresses in the \u003ccode\u003eOrigin\u003c/code\u003e header are not allowed to connect to WebSocket server unless configured by \u003ccode\u003eallowedHosts\u003c/code\u003e or it different from the \u003ccode\u003eHost\u003c/code\u003e header\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThe above changes may make the dev server not work if you relied on such behavior, but unfortunately they carry security risks, so they were considered as fixes.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eprevent overlay for errors caught by React error boundaries (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5431\"\u003e#5431\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/8c1abc903ab444d9ce99e567b9a6c603e1ec06be\"\u003e8c1abc9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003etake the first network found instead of the last one, this restores the same behavior as 5.0.4 (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5411\"\u003e#5411\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/ffd0b86b790d372f90e17aea92cfd9def83fee96\"\u003effd0b86\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v5.1.0...v5.2.0\"\u003e5.2.0\u003c/a\u003e (2024-12-11)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadded \u003ccode\u003egetClientEntry\u003c/code\u003e and \u003ccode\u003egetClientHotEntry\u003c/code\u003e methods to get clients entries (\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/dc642a832d45c23c5c7a08fbf29995e0db7e0d95\"\u003edc642a8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/fd401308f1cc026262880e2dab810004d6444282\"\u003e\u003ccode\u003efd40130\u003c/code\u003e\u003c/a\u003e chore(release): 5.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/ece4f3617bea31fb6d3833f69a32b6c289959a49\"\u003e\u003ccode\u003eece4f36\u003c/code\u003e\u003c/a\u003e chore: update deps (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5661\"\u003e#5661\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/a2161442a314a06a97e25d1404d08410cb4e9c51\"\u003e\u003ccode\u003ea216144\u003c/code\u003e\u003c/a\u003e ci: fix test (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5658\"\u003e#5658\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/df073c53a8cefb54210b43813fa6ee60364a554e\"\u003e\u003ccode\u003edf073c5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/b550a702bd4246d1724513b70de0bfbe6604672f\"\u003e\u003ccode\u003eb550a70\u003c/code\u003e\u003c/a\u003e chore(release): 5.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/9704dc52e3f696ae1446428c25882745e9b65cbb\"\u003e\u003ccode\u003e9704dc5\u003c/code\u003e\u003c/a\u003e chore: upgrade selfsigned to v5 and remove node-forge dependency (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5618\"\u003e#5618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/92bf644784741e8ea5adaa4a1dc26f4d462f223d\"\u003e\u003ccode\u003e92bf644\u003c/code\u003e\u003c/a\u003e chore: bump express to update qs (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5621\"\u003e#5621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/792b2f0bd13a3b93abf701fe3a5cf41ee16722f4\"\u003e\u003ccode\u003e792b2f0\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the dependencies group with 4 updates (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5606\"\u003e#5606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/6d587cab3e023675de2feedf81bcdfcec7d5b774\"\u003e\u003ccode\u003e6d587ca\u003c/code\u003e\u003c/a\u003e chore(deps): bump the dependencies group across 1 directory with 27 updates (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/webpack-dev-server/commit/f91baa8831e061e2998849966b8002b40b83fb07\"\u003e\u003ccode\u003ef91baa8\u003c/code\u003e\u003c/a\u003e fix(overlay): add ESC key to dismiss overlay (\u003ca href=\"https://redirect.github.com/webpack/webpack-dev-server/issues/5598\"\u003e#5598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/webpack/webpack-dev-server/compare/v3.1.14...v5.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `base-x` from 3.0.4 to 3.0.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/043a888a9bae09bc4b40500e37792e2c6398e9f2\"\u003e\u003ccode\u003e043a888\u003c/code\u003e\u003c/a\u003e 3.0.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/2705dddd2565b455641985974b534291d8defb31\"\u003e\u003ccode\u003e2705ddd\u003c/code\u003e\u003c/a\u003e [backport 3.x] Prohibit char codes that would overflow the \u003ccode\u003eBASE_MAP\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/3d43c0e16bfbc045a0a8bb6423e6e336df81b512\"\u003e\u003ccode\u003e3d43c0e\u003c/code\u003e\u003c/a\u003e 3.0.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/0a3544695fa6800649a8b78ed46cece61bcdbbe5\"\u003e\u003ccode\u003e0a35446\u003c/code\u003e\u003c/a\u003e Improve decoding performance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/4c10d3313a5838ce122ca3022823f1b4b153b843\"\u003e\u003ccode\u003e4c10d33\u003c/code\u003e\u003c/a\u003e 3.0.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/c9dcddd5d68c5cb5fb87d3baa4382c596d574602\"\u003e\u003ccode\u003ec9dcddd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/cryptocoinjs/base-x/issues/78\"\u003e#78\u003c/a\u003e from cryptocoinjs/fix/space-alphabets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/6c54632a1bebd60fb79203c65badeec2b4360af3\"\u003e\u003ccode\u003e6c54632\u003c/code\u003e\u003c/a\u003e Fix alphabets with space in them\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/69c09ed8b5cd0ea9853b4420337a5be0540becb5\"\u003e\u003ccode\u003e69c09ed\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/cryptocoinjs/base-x/issues/73\"\u003e#73\u003c/a\u003e from terrierscript/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/1dd37959d559049397b7744ef3c4f1afd047aba9\"\u003e\u003ccode\u003e1dd3795\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/806ef3f473cb6c9a84559811f411b99cbcf93deb\"\u003e\u003ccode\u003e806ef3f\u003c/code\u003e\u003c/a\u003e 3.0.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cryptocoinjs/base-x/compare/v3.0.4...v3.0.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `elliptic` from 6.4.0 to 6.6.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/9b77436a59cc35eccf4ffb848259c8762a492ee7\"\u003e\u003ccode\u003e9b77436\u003c/code\u003e\u003c/a\u003e 6.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/04cb6f54ce552b3ebde6be06d6050419e1c7333e\"\u003e\u003ccode\u003e04cb6f5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/b8a7edd61a0d9bddd0bbf3436a4b476401edbe20\"\u003e\u003ccode\u003eb8a7edd\u003c/code\u003e\u003c/a\u003e 6.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/34c853478cec1be4e37260ed2cb12cdbdc6402cf\"\u003e\u003ccode\u003e34c8534\u003c/code\u003e\u003c/a\u003e fix: signature verification due to leading zeros\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/3e46a48fdd2ef2f89593e5e058d85530578c9761\"\u003e\u003ccode\u003e3e46a48\u003c/code\u003e\u003c/a\u003e 6.5.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/accb61e9c1a005e5c8ff96a8b33893100bb42d11\"\u003e\u003ccode\u003eaccb61e\u003c/code\u003e\u003c/a\u003e lib: DER signature decoding correction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/03e06e135c8e44a2da560fa197d0ba1e1e2759e9\"\u003e\u003ccode\u003e03e06e1\u003c/code\u003e\u003c/a\u003e 6.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/7ac5360118f74eb02da73bdf9f24fd0c72ff5281\"\u003e\u003ccode\u003e7ac5360\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/75700785ff41bb5d029d19186beff26d4883caa5\"\u003e\u003ccode\u003e7570078\u003c/code\u003e\u003c/a\u003e 6.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/206da2ee373e68466cde353f81fb59ef251b740b\"\u003e\u003ccode\u003e206da2e\u003c/code\u003e\u003c/a\u003e lib: lint\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/indutny/elliptic/compare/v6.4.0...v6.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.5.9 to 1.5.10\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/91842752013b26ed780f7b04e557c72f02228cde\"\u003e\u003ccode\u003e9184275\u003c/code\u003e\u003c/a\u003e Release version 1.5.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/988acfa0ff49b17eecf209afd491d6a57cce6893\"\u003e\u003ccode\u003e988acfa\u003c/code\u003e\u003c/a\u003e Update dependencies.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/41f20b99d7f6952ca4faad22724bdda0126e4a46\"\u003e\u003ccode\u003e41f20b9\u003c/code\u003e\u003c/a\u003e Preserve ports when the host option is used.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5b76cf33b824519fb28e60d0ba331d2919358085\"\u003e\u003ccode\u003e5b76cf3\u003c/code\u003e\u003c/a\u003e Test on Node 11.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/d62452b0ca5f8ca33a6191c4980817964b74e480\"\u003e\u003ccode\u003ed62452b\u003c/code\u003e\u003c/a\u003e In Node 11, aborted is a boolean.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/4fbbad5b82a3bbd3cf581f004e42760e44acbfe9\"\u003e\u003ccode\u003e4fbbad5\u003c/code\u003e\u003c/a\u003e Ensure all tests return their promise.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/c01a2b41af9dc234c9df5ecb139e1d15e3080f42\"\u003e\u003ccode\u003ec01a2b4\u003c/code\u003e\u003c/a\u003e Fix typo.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5373becd47e42718346970ee88fe46286f74f8fd\"\u003e\u003ccode\u003e5373bec\u003c/code\u003e\u003c/a\u003e Add downloads badge.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/69a430cc50539af24864d1b125c28147601d6288\"\u003e\u003ccode\u003e69a430c\u003c/code\u003e\u003c/a\u003e Update author and contributors.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5ebe201a804f8b3575f2b4f2d37f5775ba991198\"\u003e\u003ccode\u003e5ebe201\u003c/code\u003e\u003c/a\u003e Update license date.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.5.9...v1.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.0.5 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\"\u003ehttps:...\n\n_Description has been truncated_","html_url":"https://github.com/goodgollyholly/proofofexistence/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/goodgollyholly%2Fproofofexistence/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.0.4","new_version":"1.0.7","update_type":"patch","path":null,"pr_created_at":"2026-06-05T01:19:06.000Z","version_change":"1.0.4 → 1.0.7","issue":{"uuid":"4593359986","node_id":"PR_kwDOE9b0hM7i6rYi","number":4,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 26 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-06-05T01:19:06.000Z","updated_at":"2026-06-05T01:19:12.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":26,"packages":[{"name":"axios","old_version":"0.21.1","new_version":"0.32.0","repository_url":"https://github.com/axios/axios"},{"name":"lodash","old_version":"4.17.20","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"@babel/helpers","old_version":"7.12.5","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.12.1","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"bn.js","old_version":"4.11.9","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"qs","old_version":"6.5.2","new_version":"6.5.5","repository_url":"https://github.com/ljharb/qs"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.15","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"elliptic","old_version":"6.5.3","new_version":"removed","repository_url":"https://github.com/indutny/elliptic"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 10 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [axios](https://github.com/axios/axios) | `0.21.1` | `0.32.0` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.20` | `4.18.1` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.12.5` | `7.29.7` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.12.1` | `7.29.7` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.11.9` | `4.12.3` |\n| [qs](https://github.com/ljharb/qs) | `6.5.2` | `6.5.5` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.15` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [elliptic](https://github.com/indutny/elliptic) | `6.5.3` | `removed` |\n\n\nUpdates `axios` from 0.21.1 to 0.32.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.32.0 — May 4, 2026\u003c/h2\u003e\n\u003cp\u003eThis release backports a comprehensive set of security and hardening fixes from the v1.x branch into v0.x, covering prototype-pollution protections, default error redaction, stricter proxy/cookie/socket handling, and one breaking change to merged config and header object prototypes.\u003c/p\u003e\n\u003ch2\u003e⚠️ Breaking Changes \u0026amp; Deprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNull-prototype merged objects: mergeConfig and header merging now return objects with a null prototype to block prototype-pollution gadgets. Consumers must use Object.prototype.hasOwnProperty.call(obj, key) and avoid implicit string coercion against merged config or header objects. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefault error redaction: AxiosError.toJSON() now redacts sensitive keys by default to prevent credential leaks in logs. The behavior is configurable via config.redact, with defaults exposed on defaults.redact. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCookie \u0026amp; XSRF handling: Cookie names are read literally rather than via regex, and only own properties are respected when evaluating withXSRFToken. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eProxy bypass IPv6 parity: NO_PROXY matching now handles canonical IPv4-mapped IPv6 forms such as ::ffff:127.0.0.1 and ::ffff:7f00:1. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNode http adapter hardening: Strips Proxy-Authorization when no proxy is in use and gates socketPath behind a new allowedSocketPaths allowlist (string or array, normalized) to reduce accidental Unix socket exposure. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBrowser xhr adapter: Stricter own-property checks when reading config and headers. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eURL parameters: AxiosURLSearchParams keeps %00 encoded and applies consistent encoding throughout. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePublic type surface: Adds formDataHeaderPolicy, redact, and allowedSocketPaths to the TypeScript declarations alongside their runtime defaults. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepo hygiene: Updates README.md and CHANGELOG.md, adds AGENTS.md, and refreshes the issue and PR templates. (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.31.1...v0.32.0\"\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.31.1\u003c/h2\u003e\n\u003cp\u003eThis release backports a broad set of security hardenings from the v1 line — covering prototype-pollution defences, stream size enforcement, XSRF handling, URL null-byte encoding, and bounded FormData recursion — and drops committed \u003ccode\u003edist/\u003c/code\u003e artefacts along with Bower support.\u003c/p\u003e\n\u003ch2\u003e⚠️ Breaking Changes \u0026amp; Deprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBower \u0026amp; Committed \u003ccode\u003edist/\u003c/code\u003e Removed:\u003c/strong\u003e \u003ccode\u003edist/\u003c/code\u003e bundles are no longer committed to the repo, and \u003ccode\u003ebower.json\u003c/code\u003e plus the Grunt \u003ccode\u003epackage2bower\u003c/code\u003e task have been removed. CI still builds bundles before publish, so npm/yarn/pnpm consumers are unaffected; installs via Bower or directly from the git tree must migrate to npm or a CDN. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Header Merge (GHSA-6chq-wfr3-2hj9):\u003c/strong\u003e Tightened \u003ccode\u003eisFormData\u003c/code\u003e to reject plain/null-prototype objects and require \u003ccode\u003eappend\u003c/code\u003e, and guarded the Node HTTP adapter so \u003ccode\u003edata.getHeaders()\u003c/code\u003e is only merged when it is not inherited from \u003ccode\u003eObject.prototype\u003c/code\u003e. Blocks injected headers via polluted \u003ccode\u003egetHeaders\u003c/code\u003e. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution in Config Merging (GHSA-pf86-5x62-jrwf):\u003c/strong\u003e \u003ccode\u003emergeConfig\u003c/code\u003e, defaults resolution, and the HTTP adapter now uses own-property checks for \u003ccode\u003etransport\u003c/code\u003e, \u003ccode\u003eenv\u003c/code\u003e, \u003ccode\u003eBlob\u003c/code\u003e, \u003ccode\u003eformSerializer\u003c/code\u003e, and transforms arrays, and merged configs are returned as null-prototype objects. Prevents hijacking of the request flow through polluted prototypes. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFormData / Params Recursion DoS:\u003c/strong\u003e Added a configurable \u003ccode\u003emaxDepth\u003c/code\u003e (default \u003ccode\u003e100\u003c/code\u003e, \u003ccode\u003eInfinity\u003c/code\u003e disables) to \u003ccode\u003etoFormData\u003c/code\u003e and params serialisation, throwing \u003ccode\u003eAxiosError\u003c/code\u003e with code \u003ccode\u003eERR_FORM_DATA_DEPTH_EXCEEDED\u003c/code\u003e when exceeded. Circular-reference detection is preserved. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eNull-Byte Injection in Query Strings:\u003c/strong\u003e Removed the unsafe \u003ccode\u003e%00\u003c/code\u003e → null-byte substitution from \u003ccode\u003eAxiosURLSearchParams.encode\u003c/code\u003e so \u003ccode\u003e%00\u003c/code\u003e is preserved as-is. Other encoding behaviour (including \u003ccode\u003e%20\u003c/code\u003e → \u003ccode\u003e+\u003c/code\u003e) unchanged. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eConsolidated v1 Security Backport:\u003c/strong\u003e Rolls up remaining v1 hardenings into \u003ccode\u003ev0.x\u003c/code\u003e: \u003ccode\u003emaxContentLength\u003c/code\u003e enforcement for \u003ccode\u003eresponseType: 'stream'\u003c/code\u003e via a guarded transform with deferred piping, \u003ccode\u003emaxBodyLength\u003c/code\u003e enforcement for streamed uploads on native \u003ccode\u003ehttp\u003c/code\u003e/\u003ccode\u003ehttps\u003c/code\u003e with \u003ccode\u003emaxRedirects: 0\u003c/code\u003e, and stricter \u003ccode\u003ewithXSRFToken\u003c/code\u003e handling so only own boolean \u003ccode\u003etrue\u003c/code\u003e enables cross-origin XSRF headers. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCODEOWNERS:\u003c/strong\u003e Added \u003ccode\u003e.github/CODEOWNERS\u003c/code\u003e with \u003ccode\u003e* @jasonsaayman\u003c/code\u003e to set a default reviewer for all paths. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v0.31.0...v0.31.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.31.0\u003c/h2\u003e\n\u003cp\u003eThis release backports security fixes from v1.x, hardens the CI/CD supply chain with OIDC publishing and \u003ccode\u003ezizmor\u003c/code\u003e scanning, resolves TypeScript typing issues in \u003ccode\u003eAxiosInstance\u003c/code\u003e, and fixes a performance regression in \u003ccode\u003eisEmptyObject()\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/8db2d44896849a21ed9721185b1034df24e1ba7b\"\u003e\u003ccode\u003e8db2d44\u003c/code\u003e\u003c/a\u003e chore: bump version to v0.32.0 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10840\"\u003e#10840\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/2af6116a957b1dd1b32056181326da8a5540d3bc\"\u003e\u003ccode\u003e2af6116\u003c/code\u003e\u003c/a\u003e chore: backport fixes from the v1x branch (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10838\"\u003e#10838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/a589dc525af12e0fabef7d6e5be028ad433eee31\"\u003e\u003ccode\u003ea589dc5\u003c/code\u003e\u003c/a\u003e chore: bump version to v0.31.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10766\"\u003e#10766\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b0c632f36a5ea2e73c9bdf3a54164a8ede925736\"\u003e\u003ccode\u003eb0c632f\u003c/code\u003e\u003c/a\u003e fix: backport security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10764\"\u003e#10764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/b52187f4571b6b8663fed5904e3082ab30660364\"\u003e\u003ccode\u003eb52187f\u003c/code\u003e\u003c/a\u003e fix: harden config merging (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10752\"\u003e#10752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/e3ddeb40f6a142a234925341151e2ca631a6de64\"\u003e\u003ccode\u003ee3ddeb4\u003c/code\u003e\u003c/a\u003e fix: header security issues (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10750\"\u003e#10750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/f4f2d76e25cc0f777e5416e2d76282ab873ef9dc\"\u003e\u003ccode\u003ef4f2d76\u003c/code\u003e\u003c/a\u003e chore: stop committing dist/ and remove bower (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10747\"\u003e#10747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1f2f64433e5be205d74471c78c2721909282b9c0\"\u003e\u003ccode\u003e1f2f644\u003c/code\u003e\u003c/a\u003e chore: add CODEOWNERS (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10740\"\u003e#10740\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44bca902e1bdd7dd6490c7b4985b63e729b0e634\"\u003e\u003ccode\u003e44bca90\u003c/code\u003e\u003c/a\u003e fix: improve regex in AxiosURLSearchParams (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10737\"\u003e#10737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/4c4f07fabdb005f5430bab797f12b55e2ed5fb33\"\u003e\u003ccode\u003e4c4f07f\u003c/code\u003e\u003c/a\u003e fix: form data recursion (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10728\"\u003e#10728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.21.1...v0.32.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.20 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.20...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/helpers` from 7.12.5 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/helpers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c1b55f6ad56523ccc96fa68721de0bed2f2cdb23\"\u003e\u003ccode\u003ec1b55f6\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eeslint.config.mts\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17573\"\u003e#17573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c\"\u003e\u003ccode\u003e18d88b8\u003c/code\u003e\u003c/a\u003e Improve \u003ccode\u003e@​babel/core\u003c/code\u003e typings (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17471\"\u003e#17471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/741cbd2381ac0cda3afd42bc04454a87d9d8762a\"\u003e\u003ccode\u003e741cbd2\u003c/code\u003e\u003c/a\u003e chore: fix various typos across codebase (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17476\"\u003e#17476\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-helpers\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/helpers\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.12.1 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.15.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.11.9 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c4098bac2470418f8e0f6bf11fe0cb676a2b9047\"\u003e\u003ccode\u003ec4098ba\u003c/code\u003e\u003c/a\u003e 4.12.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6277fd705e51edae1c404c65f03ba2e512706945\"\u003e\u003ccode\u003e6277fd7\u003c/code\u003e\u003c/a\u003e backport(4.x): Fix imuln/muln with zero (backport of \u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ac0d4afaae91701815b9edc19789e44e7690d688\"\u003e\u003ccode\u003eac0d4af\u003c/code\u003e\u003c/a\u003e 4.12.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/a5f14b43ec61bc7cafc6de2e7444913b9f581b00\"\u003e\u003ccode\u003ea5f14b4\u003c/code\u003e\u003c/a\u003e Fix serious issue in \u003ccode\u003e.toString(16)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/309\"\u003e#309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/0cd2661b9d08512263c940662586042ef8aaccc6\"\u003e\u003ccode\u003e0cd2661\u003c/code\u003e\u003c/a\u003e Remove package-lock.json added by npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/84ae31344a557abb78ddabe3bac923b7503e4fb5\"\u003e\u003ccode\u003e84ae313\u003c/code\u003e\u003c/a\u003e 4.12.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/967ed0a50a9400bbbd83b450550cf37f7fa178b9\"\u003e\u003ccode\u003e967ed0a\u003c/code\u003e\u003c/a\u003e fix: Buffer not using global in browser (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/260\"\u003e#260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/61962320d7907a1a4d03a665782cb2733160c907\"\u003e\u003ccode\u003e6196232\u003c/code\u003e\u003c/a\u003e Fix LE constructor for HEX (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.11.9...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.5.2 to 6.5.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.5.5\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] fix regressions from robustness refactor\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e to autogenerate an npmignore file\u003c/li\u003e\n\u003cli\u003e[actions] update reusable workflows\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.5.4\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.5.3\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: ignore \u003ccode\u003e__proto__\u003c/code\u003e keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/428\"\u003e#428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eutils.merge\u003c/code\u003e: avoid a crash with a null target and a truthy non-array source\u003c/li\u003e\n\u003cli\u003e[Fix] correctly parse nested arrays\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: fix a crash with \u003ccode\u003estrictNullHandling\u003c/code\u003e and a custom \u003ccode\u003efilter\u003c/code\u003e/\u003ccode\u003eserializeDate\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/279\"\u003e#279\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eutils\u003c/code\u003e: \u003ccode\u003emerge\u003c/code\u003e: fix crash when \u003ccode\u003esource\u003c/code\u003e is a truthy primitive \u0026amp; no options are provided\u003c/li\u003e\n\u003cli\u003e[Fix] when \u003ccode\u003eparseArrays\u003c/code\u003e is false, properly handle keys ending in \u003ccode\u003e[]\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] fix for an impossible situation: when the formatter is called with a non-string value\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eutils.merge\u003c/code\u003e: avoid a crash with a null target and an array source\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eutils\u003c/code\u003e: reduce observable [[Get]]s\u003c/li\u003e\n\u003cli\u003e[Refactor] use cached \u003ccode\u003eArray.isArray\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003estringify\u003c/code\u003e: Avoid arr = arr.concat(...), push to the existing instance (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/269\"\u003e#269\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: only need to reassign the var once\u003c/li\u003e\n\u003cli\u003e[Robustness] \u003ccode\u003estringify\u003c/code\u003e: avoid relying on a global \u003ccode\u003eundefined\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/427\"\u003e#427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] remove travis badge; add github actions/codecov badges; update URLs\u003c/li\u003e\n\u003cli\u003e[Docs] Clean up license text so it’s properly detected as BSD-3-Clause\u003c/li\u003e\n\u003cli\u003e[Docs] Clarify the need for \u0026quot;arrayLimit\u0026quot; option\u003c/li\u003e\n\u003cli\u003e[meta] fix README.md (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/399\"\u003e#399\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[meta] add FUNDING.yml\u003c/li\u003e\n\u003cli\u003e[actions] backport actions from main\u003c/li\u003e\n\u003cli\u003e[Tests] always use \u003ccode\u003eString(x)\u003c/code\u003e over \u003ccode\u003ex.toString()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] remove nonexistent tape option\u003c/li\u003e\n\u003cli\u003e[Dev Deps] backport from main\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a6d9f8e298703028bbd426a3bc49a1fb6a66363\"\u003e\u003ccode\u003e3a6d9f8\u003c/code\u003e\u003c/a\u003e v6.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/48160e70a97cab102591e55c5c4db19fb102cb54\"\u003e\u003ccode\u003e48160e7\u003c/code\u003e\u003c/a\u003e [actions] update reusable workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/2fc004a6194a49167711f7136678e908b3193eb9\"\u003e\u003ccode\u003e2fc004a\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e to autogenerate an npmignore file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/ddcc5d5ba5109c9c649e15a0ee4b1e4f0e202c55\"\u003e\u003ccode\u003eddcc5d5\u003c/code\u003e\u003c/a\u003e [Fix] fix regressions from robustness refactor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/c19048854aa13688f51208442e84717d7b280aae\"\u003e\u003ccode\u003ec190488\u003c/code\u003e\u003c/a\u003e v6.5.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/40b77c3c8d3b781fdb1e0b36490f6a36bca506b5\"\u003e\u003ccode\u003e40b77c3\u003c/code\u003e\u003c/a\u003e [actions] fix rebase workflow permissions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/6e39e92b969bacfc13aa7d96acc2681e0a8ff613\"\u003e\u003ccode\u003e6e39e92\u003c/code\u003e\u003c/a\u003e [readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/4e393de47a8f469b23bbb1d4bdf2022f2d873f17\"\u003e\u003ccode\u003e4e393de\u003c/code\u003e\u003c/a\u003e [readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/dbb0346103459a2cc3b92219aac7087f826a56c1\"\u003e\u003ccode\u003edbb0346\u003c/code\u003e\u003c/a\u003e [readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/6b8b4d8de3767e11b213152d984265414c23da6e\"\u003e\u003ccode\u003e6b8b4d8\u003c/code\u003e\u003c/a\u003e [Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.5.2...v6.5.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `elliptic`\n\nUpdates `flatted` from 3.1.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.1.1...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.13.1 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.13.1...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 2.3.3 to 3.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add setBoundary method  55d90ce\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/451\"\u003e#451\u003c/a\u003e from arku/patch-1  d702625\u003c/li\u003e\n\u003cli\u003eFix typo: ads -\u0026gt; adds  714ac8b\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.0...v3.0.1\"\u003ehttps://github.com/form-data/form-data/compare/v3.0.0...v3.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.5.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eBuffer.from\u003c/code\u003e and \u003ccode\u003eBuffer.alloc\u003c/code\u003e require node 4+\u003c/li\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDev Improvements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed error in the documentations as indicated in \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/439\"\u003e#439\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded remaining combined-stream options to typedef\u003c/li\u003e\n\u003cli\u003eBumped rimraf to 2.7.1 (dev-dep)\u003c/li\u003e\n\u003cli\u003eAdded constructor options to TypeScript defs\u003c/li\u003e\n\u003cli\u003eFixed error in callback signatures\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAdded Types\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded TS types\u003c/li\u003e\n\u003cli\u003eImproved documentation\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eAdded getBuffer method\u003c/h2\u003e\n\u003cp\u003eUpdated test builds to support node10 and 12.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.3...v3.0.4\"\u003ev3.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] update linting config \u003ca href=\"https://github.com/form-data/form-data/commit/f5e7eb024bc3fc7e2074ff80f143a4f4cbc1dbda\"\u003e\u003ccode\u003ef5e7eb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c1f\"\u003e\u003ccode\u003ee8c574c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] Switch to using \u003ccode\u003ecrypto\u003c/code\u003e random for boundary values \u003ca href=\"https://github.com/form-data/form-data/commit/c6ced61d4fae8f617ee2fd692133ed87baa5d0fd\"\u003e\u003ccode\u003ec6ced61\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003ehasown\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/1a78b5dd05e508d67e97764d812ac7c6d92ea88d\"\u003e\u003ccode\u003e1a78b5d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] validate boundary type in \u003ccode\u003esetBoundary()\u003c/code\u003e method \u003ca href=\"https://github.com/form-data/form-data/commit/70bbaa0b395ca0fb975c309de8d7286979254cc4\"\u003e\u003ccode\u003e70bbaa0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add tests to check the behavior of \u003ccode\u003egetBoundary\u003c/code\u003e with non-strings \u003ca href=\"https://github.com/form-data/form-data/commit/b22a64ef94ba4f3f6ff7d1ac72a54cca128567df\"\u003e\u003ccode\u003eb22a64e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] actually ensure the readme backup isn’t published \u003ca href=\"https://github.com/form-data/form-data/commit/01508513ffb26fd662ae7027834b325af8efb9ea\"\u003e\u003ccode\u003e0150851\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove local commit hooks \u003ca href=\"https://github.com/form-data/form-data/commit/fc42bb9315b641bfa6dae51cb4e188a86bb04769\"\u003e\u003ccode\u003efc42bb9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] remove unused deps \u003ca href=\"https://github.com/form-data/form-data/commit/a14d09ea8ed7e0a2e1705269ce6fb54bb7ee6bdb\"\u003e\u003ccode\u003ea14d09e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix scripts to use prepublishOnly \u003ca href=\"https://github.com/form-data/form-data/commit/11d9f7338f18a59b431832a3562b49baece0a432\"\u003e\u003ccode\u003e11d9f73\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix readme capitalization \u003ca href=\"https://github.com/form-data/form-data/commit/fc38b4834a117a1856f3d877eb2f5b7496a24932\"\u003e\u003ccode\u003efc38b48\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.2...v3.0.3\"\u003ev3.0.3\u003c/a\u003e - 2025-02-14\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/573\"\u003e\u003ccode\u003e[#573](https://github.com/form-data/form-data/issues/573)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] set \u003ccode\u003eSymbol.toStringTag\u003c/code\u003e when available (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/573\"\u003e#573\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/396\"\u003e\u003ccode\u003e[#396](https://github.com/form-data/form-data/issues/396)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eObject.prototype.hasOwnProperty.call\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/7fecefe4ba8f775634aff86a698776ad95ecffb5\"\u003e\u003ccode\u003e7fecefe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003ebrowserify\u003c/code\u003e, \u003ccode\u003ecoveralls\u003c/code\u003e, \u003ccode\u003ecross-spawn\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003eformidable\u003c/code\u003e, \u003ccode\u003ein-publish\u003c/code\u003e, \u003ccode\u003epkgfiles\u003c/code\u003e, \u003ccode\u003epre-commit\u003c/code\u003e, \u003ccode\u003epuppeteer\u003c/code\u003e, \u003ccode\u003erequest\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e, \u003ccode\u003etypescript\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/8261fcb8bf5944d30ae3bd04b91b71d6a9932ef4\"\u003e\u003ccode\u003e8261fcb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/form-data/form-data/commit/b82f59093cdbadb4b7ec0922d33ae7ab048b82ff\"\u003e\u003ccode\u003eb82f590\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] pin \u003ccode\u003erequest\u003c/code\u003e which via \u003ccode\u003etough-cookie\u003c/code\u003e ^2.4 depends on \u003ccode\u003epsl\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/e5df7f24383342264bd73dee3274818a40d04065\"\u003e\u003ccode\u003ee5df7f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003emime-types\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/5a5bafee894fead10da49e1fa2b084e17f2e1034\"\u003e\u003ccode\u003e5a5bafe\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.1...v3.0.2\"\u003ev3.0.2\u003c/a\u003e - 2024-10-10\u003c/h2\u003e\n\u003ch3\u003eMerged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix (npmignore): ignore temporary build files \u003ca href=\"https://redirect.github.com/form-data/form-data/pull/532\"\u003e\u003ccode\u003e[#532](https://github.com/form-data/form-data/issues/532)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/form-data/form-data/commit/8fdb3bc6b5d001f8909a9fca391d1d1d97ef1d79\"\u003e\u003ccode\u003e8fdb3bc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] clean up ignores \u003ca href=\"https://github.com/form-data/form-data/commit/3217b3ded8e382e51171d5c74c6038a21cc54440\"\u003e\u003ccode\u003e3217b3d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: move util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e) \u003ca href=\"https://github.com/form-data/form-data/commit/edb555a811f6f7e4668db4831551cf41c1de1cac\"\u003e\u003ccode\u003eedb555a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/form-data/form-data/commits/v3.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for form-data since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck migration guide in \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/docs\"\u003edocs\u003c/a\u003e for details of all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/com...\n\n_Description has been truncated_","html_url":"https://github.com/hassanalimalek/eDukan/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hassanalimalek%2FeDukan/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"}},{"old_version":"1.0.4","new_version":"1.0.7","update_type":"patch","path":null,"pr_created_at":"2026-05-30T09:33:36.000Z","version_change":"1.0.4 → 1.0.7","issue":{"uuid":"4553996752","node_id":"PR_kwDOQplPD87g7I7x","number":1,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-30T09:33:36.000Z","updated_at":"2026-05-30T09:34:33.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":19,"packages":[{"name":"ws","old_version":"8.18.3","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"electron","old_version":"17.4.11","new_version":"39.8.5","repository_url":"https://github.com/electron/electron"},{"name":"simple-git","old_version":"1.132.0","new_version":"3.36.0","repository_url":"https://github.com/steveukx/git-js"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.25.9","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"picomatch","old_version":"4.0.3","new_version":"4.0.4","repository_url":"https://github.com/micromatch/picomatch"},{"name":"axios","old_version":"0.26.1","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"braces","old_version":"1.8.5","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"tmp","old_version":"0.2.3","new_version":"0.2.7","repository_url":"https://github.com/raszi/node-tmp"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.6","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"qs","old_version":"6.13.0","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 3 updates in the /test/framework/twilio-video-angular directory: [@angular/common](https://github.com/angular/angular/tree/HEAD/packages/common), [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) and [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core).\nBumps the npm_and_yarn group with 13 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [ws](https://github.com/websockets/ws) | `8.18.3` | `8.21.0` |\n| [electron](https://github.com/electron/electron) | `17.4.11` | `39.8.5` |\n| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `1.132.0` | `3.36.0` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.25.9` | `7.29.7` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [picomatch](https://github.com/micromatch/picomatch) | `4.0.3` | `4.0.4` |\n| [axios](https://github.com/axios/axios) | `0.26.1` | `1.16.1` |\n| [braces](https://github.com/micromatch/braces) | `1.8.5` | `3.0.3` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [tmp](https://github.com/raszi/node-tmp) | `0.2.3` | `0.2.7` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.6` |\n| [qs](https://github.com/ljharb/qs) | `6.13.0` | `6.15.2` |\n\n\nUpdates `@angular/common` from 4.0.3 to 21.2.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e@​angular/common's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e21.2.15\u003c/h2\u003e\n\u003ch3\u003ecommon\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7f4ac78994bff1576ab33f3ce48f95c17f40b4d8\"\u003e\u003cimg src=\"https://img.shields.io/badge/7f4ac78994-fix-green\" alt=\"fix - 7f4ac78994\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eadd upper bounds for digitsInfo\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/300f61feb3a534bfddf16fcbd240f97b32249699\"\u003e\u003cimg src=\"https://img.shields.io/badge/300f61feb3-fix-green\" alt=\"fix - 300f61feb3\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize placeholder\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0b07f47bd6598ae6bd5b75a375e2c817a3c0f243\"\u003e\u003cimg src=\"https://img.shields.io/badge/0b07f47bd6-fix-green\" alt=\"fix - 0b07f47bd6\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003enormalize tag names with custom namespaces in DomElementSchemaRegistry (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/eb1cbbf2eb5833219a367a61c04eb07aaa36cc29\"\u003e\u003cimg src=\"https://img.shields.io/badge/eb1cbbf2eb-fix-green\" alt=\"fix - eb1cbbf2eb\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent namespaced SVG \u003c!-- raw HTML omitted --\u003e elements from being stripped\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cc1378d54bd93f3882d732261be8e66720eb71b2\"\u003e\u003cimg src=\"https://img.shields.io/badge/cc1378d54b-fix-green\" alt=\"fix - cc1378d54b\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize dynamic href and xlink:href bindings on SVG a elements (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/782e01594e2ad9134c7385dcf3b518101b23ccab\"\u003e\u003cimg src=\"https://img.shields.io/badge/782e01594e-fix-green\" alt=\"fix - 782e01594e\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003estrip namespaced SVG script elements during template compilation (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ff12fe55ace5e861ba261afb4c0480ff3c40a192\"\u003e\u003cimg src=\"https://img.shields.io/badge/ff12fe55ac-fix-green\" alt=\"fix - ff12fe55ac\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003enormalize tag names in runtime i18n attribute security context lookup (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/e6fe77cc97fd10351687416f938bf754aff4eb9f\"\u003e\u003cimg src=\"https://img.shields.io/badge/e6fe77cc97-fix-green\" alt=\"fix - e6fe77cc97\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize meta selectors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/daaf32937fd5c46e411b26f7c082613716fe9550\"\u003e\u003cimg src=\"https://img.shields.io/badge/daaf32937f-fix-green\" alt=\"fix - daaf32937f\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esupport prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/dada86e43d847204f714d1a933084617ab941c0a\"\u003e\u003cimg src=\"https://img.shields.io/badge/dada86e43d-fix-green\" alt=\"fix - dada86e43d\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esynchronize core sanitization schema with compiler (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/582a417bd27fdaf989e5065dbcdf1ad752faf70c\"\u003e\u003cimg src=\"https://img.shields.io/badge/582a417bd2-fix-green\" alt=\"fix - 582a417bd2\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eexclude withCredentials requests from transfer cache\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5c6d6df34bbeff3ce98f3b35875444f925cc8f51\"\u003e\u003cimg src=\"https://img.shields.io/badge/5c6d6df34b-fix-green\" alt=\"fix - 5c6d6df34b\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eskip TransferCache for cookie-bearing requests by default\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eplatform-server\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/37e8aadf87b4facfcaf002a1557f8c393a362d97\"\u003e\u003cimg src=\"https://img.shields.io/badge/37e8aadf87-fix-green\" alt=\"fix - 37e8aadf87\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent SSRF bypasses via backslash URLs in HttpClient\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/72696e244ed7646cca9ab9afc7769a2163943bda\"\u003e\u003cimg src=\"https://img.shields.io/badge/72696e244e-fix-green\" alt=\"fix - 72696e244e\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esecure location and document initialization against SSRF and path hijack\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eservice-worker\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b8bd49341ddcee10d119a9d4aa8e5736e4e5da53\"\u003e\u003cimg src=\"https://img.shields.io/badge/b8bd49341d-fix-green\" alt=\"fix - b8bd49341d\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ePreserves explicit 'credentials: omit' in asset requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ca32fc10001301e6174804f9abcfba62252334f4\"\u003e\u003cimg src=\"https://img.shields.io/badge/ca32fc1000-fix-green\" alt=\"fix - ca32fc1000\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ePreserves HTTP cache mode in asset group requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e21.2.14\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/68282dff9f9ef46540cca4bd38fc1ab739c8a783\"\u003e\u003cimg src=\"https://img.shields.io/badge/68282dff9f-fix-green\" alt=\"fix - 68282dff9f\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003estrip namespaced SVG script elements during template compilation\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/c0f52272ed337d4776bd4178cbbdc7f32037500f\"\u003e\u003cimg src=\"https://img.shields.io/badge/c0f52272ed-fix-green\" alt=\"fix - c0f52272ed\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003edo not insert todo when migrating void \u003ca href=\"https://github.com/Output\"\u003e\u003ccode\u003e@​Output\u003c/code\u003e\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/938a7f3eddda97a39edb9edcc8b4dd970858b3a2\"\u003e\u003cimg src=\"https://img.shields.io/badge/938a7f3edd-fix-green\" alt=\"fix - 938a7f3edd\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003emakes resource URL sanitizer lookup case-insensitive\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0fb272419407a64a0a47096b03a911f4e7e83d79\"\u003e\u003cimg src=\"https://img.shields.io/badge/0fb2724194-fix-green\" alt=\"fix - 0fb2724194\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ereject script element as a dynamic component host\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/49113ac0eff852d987b5acb28a9bbda0242842cd\"\u003e\u003cimg src=\"https://img.shields.io/badge/49113ac0ef-fix-green\" alt=\"fix - 49113ac0ef\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003evisit ICU expressions in signal migration schematics\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003erouter\u003c/h3\u003e\n\u003cp\u003e| Commit | Description |\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e@​angular/common's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e21.2.15 (2026-05-28)\u003c/h1\u003e\n\u003ch3\u003ecommon\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7f4ac78994bff1576ab33f3ce48f95c17f40b4d8\"\u003e7f4ac78994\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eadd upper bounds for digitsInfo\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/300f61feb3a534bfddf16fcbd240f97b32249699\"\u003e300f61feb3\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize placeholder\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0b07f47bd6598ae6bd5b75a375e2c817a3c0f243\"\u003e0b07f47bd6\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003enormalize tag names with custom namespaces in DomElementSchemaRegistry (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/eb1cbbf2eb5833219a367a61c04eb07aaa36cc29\"\u003eeb1cbbf2eb\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent namespaced SVG \u003c!-- raw HTML omitted --\u003e elements from being stripped\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cc1378d54bd93f3882d732261be8e66720eb71b2\"\u003ecc1378d54b\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize dynamic href and xlink:href bindings on SVG a elements (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/782e01594e2ad9134c7385dcf3b518101b23ccab\"\u003e782e01594e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003estrip namespaced SVG script elements during template compilation (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ff12fe55ace5e861ba261afb4c0480ff3c40a192\"\u003eff12fe55ac\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003enormalize tag names in runtime i18n attribute security context lookup (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/e6fe77cc97fd10351687416f938bf754aff4eb9f\"\u003ee6fe77cc97\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize meta selectors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/daaf32937fd5c46e411b26f7c082613716fe9550\"\u003edaaf32937f\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esupport prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/dada86e43d847204f714d1a933084617ab941c0a\"\u003edada86e43d\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esynchronize core sanitization schema with compiler (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/582a417bd27fdaf989e5065dbcdf1ad752faf70c\"\u003e582a417bd2\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eexclude withCredentials requests from transfer cache\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5c6d6df34bbeff3ce98f3b35875444f925cc8f51\"\u003e5c6d6df34b\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eskip TransferCache for cookie-bearing requests by default\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eplatform-server\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/37e8aadf87b4facfcaf002a1557f8c393a362d97\"\u003e37e8aadf87\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent SSRF bypasses via backslash URLs in HttpClient\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/72696e244ed7646cca9ab9afc7769a2163943bda\"\u003e72696e244e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esecure location and document initialization against SSRF and path hijack\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eservice-worker\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b8bd49341ddcee10d119a9d4aa8e5736e4e5da53\"\u003eb8bd49341d\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ePreserves explicit 'credentials: omit' in asset requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ca32fc10001301e6174804f9abcfba62252334f4\"\u003eca32fc1000\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ePreserves HTTP cache mode in asset group requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e19.2.24 (2026-05-28)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/6ea6379123a7b0e191f8b9f66dfb74ca29659a6c\"\u003e6ea6379123\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent namespaced SVG \u003c!-- raw HTML omitted --\u003e elements from being stripped\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e20.3.23 (2026-05-28)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/582a417bd27fdaf989e5065dbcdf1ad752faf70c\"\u003e\u003ccode\u003e582a417\u003c/code\u003e\u003c/a\u003e fix(http): exclude withCredentials requests from transfer cache\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/5c6d6df34bbeff3ce98f3b35875444f925cc8f51\"\u003e\u003ccode\u003e5c6d6df\u003c/code\u003e\u003c/a\u003e fix(http): skip TransferCache for cookie-bearing requests by default\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/300f61feb3a534bfddf16fcbd240f97b32249699\"\u003e\u003ccode\u003e300f61f\u003c/code\u003e\u003c/a\u003e fix(common): sanitize placeholder\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/7f4ac78994bff1576ab33f3ce48f95c17f40b4d8\"\u003e\u003ccode\u003e7f4ac78\u003c/code\u003e\u003c/a\u003e fix(common): add upper bounds for digitsInfo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/30cf85f71c52683016200ecf6d68b4418084ee6e\"\u003e\u003ccode\u003e30cf85f\u003c/code\u003e\u003c/a\u003e refactor(common): update deprecation message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/42d57c35781fb65fc4d44df59b6a85287664216a\"\u003e\u003ccode\u003e42d57c3\u003c/code\u003e\u003c/a\u003e refactor(common): fix viewport tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/10ad3c06923453ae0ec06b06e664ce05900a4ff6\"\u003e\u003ccode\u003e10ad3c0\u003c/code\u003e\u003c/a\u003e fix(common): prevent focus from scrollToAnchor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/540536c386f2c735a700c2c9e2697a88dcb3d4ec\"\u003e\u003ccode\u003e540536c\u003c/code\u003e\u003c/a\u003e fix(http): add CSP nonce support to JsonpClientBackend\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/8102331f82c808ca2256ba51a1d83803a61beabb\"\u003e\u003ccode\u003e8102331\u003c/code\u003e\u003c/a\u003e test(http): disable XSRF and mock location in HttpClient tests to avoid Domin...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/13f050d2204285173273ebbfe9b34bc1b3c63c80\"\u003e\u003ccode\u003e13f050d\u003c/code\u003e\u003c/a\u003e test: construct local \u003ccode\u003eDate\u003c/code\u003e objects to fix timezone flakiness\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/v21.2.15/packages/common\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~google-wombot\"\u003egoogle-wombot\u003c/a\u003e, a new releaser for \u003ccode\u003e@​angular/common\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@angular/compiler` from 4.0.3 to 21.2.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e@​angular/compiler's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e21.2.15\u003c/h2\u003e\n\u003ch3\u003ecommon\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7f4ac78994bff1576ab33f3ce48f95c17f40b4d8\"\u003e\u003cimg src=\"https://img.shields.io/badge/7f4ac78994-fix-green\" alt=\"fix - 7f4ac78994\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eadd upper bounds for digitsInfo\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/300f61feb3a534bfddf16fcbd240f97b32249699\"\u003e\u003cimg src=\"https://img.shields.io/badge/300f61feb3-fix-green\" alt=\"fix - 300f61feb3\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize placeholder\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0b07f47bd6598ae6bd5b75a375e2c817a3c0f243\"\u003e\u003cimg src=\"https://img.shields.io/badge/0b07f47bd6-fix-green\" alt=\"fix - 0b07f47bd6\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003enormalize tag names with custom namespaces in DomElementSchemaRegistry (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/eb1cbbf2eb5833219a367a61c04eb07aaa36cc29\"\u003e\u003cimg src=\"https://img.shields.io/badge/eb1cbbf2eb-fix-green\" alt=\"fix - eb1cbbf2eb\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent namespaced SVG \u003c!-- raw HTML omitted --\u003e elements from being stripped\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cc1378d54bd93f3882d732261be8e66720eb71b2\"\u003e\u003cimg src=\"https://img.shields.io/badge/cc1378d54b-fix-green\" alt=\"fix - cc1378d54b\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize dynamic href and xlink:href bindings on SVG a elements (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/782e01594e2ad9134c7385dcf3b518101b23ccab\"\u003e\u003cimg src=\"https://img.shields.io/badge/782e01594e-fix-green\" alt=\"fix - 782e01594e\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003estrip namespaced SVG script elements during template compilation (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ff12fe55ace5e861ba261afb4c0480ff3c40a192\"\u003e\u003cimg src=\"https://img.shields.io/badge/ff12fe55ac-fix-green\" alt=\"fix - ff12fe55ac\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003enormalize tag names in runtime i18n attribute security context lookup (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/e6fe77cc97fd10351687416f938bf754aff4eb9f\"\u003e\u003cimg src=\"https://img.shields.io/badge/e6fe77cc97-fix-green\" alt=\"fix - e6fe77cc97\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize meta selectors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/daaf32937fd5c46e411b26f7c082613716fe9550\"\u003e\u003cimg src=\"https://img.shields.io/badge/daaf32937f-fix-green\" alt=\"fix - daaf32937f\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esupport prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/dada86e43d847204f714d1a933084617ab941c0a\"\u003e\u003cimg src=\"https://img.shields.io/badge/dada86e43d-fix-green\" alt=\"fix - dada86e43d\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esynchronize core sanitization schema with compiler (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/582a417bd27fdaf989e5065dbcdf1ad752faf70c\"\u003e\u003cimg src=\"https://img.shields.io/badge/582a417bd2-fix-green\" alt=\"fix - 582a417bd2\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eexclude withCredentials requests from transfer cache\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5c6d6df34bbeff3ce98f3b35875444f925cc8f51\"\u003e\u003cimg src=\"https://img.shields.io/badge/5c6d6df34b-fix-green\" alt=\"fix - 5c6d6df34b\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eskip TransferCache for cookie-bearing requests by default\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eplatform-server\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/37e8aadf87b4facfcaf002a1557f8c393a362d97\"\u003e\u003cimg src=\"https://img.shields.io/badge/37e8aadf87-fix-green\" alt=\"fix - 37e8aadf87\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent SSRF bypasses via backslash URLs in HttpClient\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/72696e244ed7646cca9ab9afc7769a2163943bda\"\u003e\u003cimg src=\"https://img.shields.io/badge/72696e244e-fix-green\" alt=\"fix - 72696e244e\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esecure location and document initialization against SSRF and path hijack\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eservice-worker\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b8bd49341ddcee10d119a9d4aa8e5736e4e5da53\"\u003e\u003cimg src=\"https://img.shields.io/badge/b8bd49341d-fix-green\" alt=\"fix - b8bd49341d\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ePreserves explicit 'credentials: omit' in asset requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ca32fc10001301e6174804f9abcfba62252334f4\"\u003e\u003cimg src=\"https://img.shields.io/badge/ca32fc1000-fix-green\" alt=\"fix - ca32fc1000\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ePreserves HTTP cache mode in asset group requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e21.2.14\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/68282dff9f9ef46540cca4bd38fc1ab739c8a783\"\u003e\u003cimg src=\"https://img.shields.io/badge/68282dff9f-fix-green\" alt=\"fix - 68282dff9f\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003estrip namespaced SVG script elements during template compilation\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/c0f52272ed337d4776bd4178cbbdc7f32037500f\"\u003e\u003cimg src=\"https://img.shields.io/badge/c0f52272ed-fix-green\" alt=\"fix - c0f52272ed\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003edo not insert todo when migrating void \u003ca href=\"https://github.com/Output\"\u003e\u003ccode\u003e@​Output\u003c/code\u003e\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/938a7f3eddda97a39edb9edcc8b4dd970858b3a2\"\u003e\u003cimg src=\"https://img.shields.io/badge/938a7f3edd-fix-green\" alt=\"fix - 938a7f3edd\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003emakes resource URL sanitizer lookup case-insensitive\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0fb272419407a64a0a47096b03a911f4e7e83d79\"\u003e\u003cimg src=\"https://img.shields.io/badge/0fb2724194-fix-green\" alt=\"fix - 0fb2724194\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ereject script element as a dynamic component host\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/49113ac0eff852d987b5acb28a9bbda0242842cd\"\u003e\u003cimg src=\"https://img.shields.io/badge/49113ac0ef-fix-green\" alt=\"fix - 49113ac0ef\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003evisit ICU expressions in signal migration schematics\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003erouter\u003c/h3\u003e\n\u003cp\u003e| Commit | Description |\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e@​angular/compiler's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e21.2.15 (2026-05-28)\u003c/h1\u003e\n\u003ch3\u003ecommon\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7f4ac78994bff1576ab33f3ce48f95c17f40b4d8\"\u003e7f4ac78994\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eadd upper bounds for digitsInfo\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/300f61feb3a534bfddf16fcbd240f97b32249699\"\u003e300f61feb3\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize placeholder\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0b07f47bd6598ae6bd5b75a375e2c817a3c0f243\"\u003e0b07f47bd6\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003enormalize tag names with custom namespaces in DomElementSchemaRegistry (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/eb1cbbf2eb5833219a367a61c04eb07aaa36cc29\"\u003eeb1cbbf2eb\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent namespaced SVG \u003c!-- raw HTML omitted --\u003e elements from being stripped\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cc1378d54bd93f3882d732261be8e66720eb71b2\"\u003ecc1378d54b\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize dynamic href and xlink:href bindings on SVG a elements (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/782e01594e2ad9134c7385dcf3b518101b23ccab\"\u003e782e01594e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003estrip namespaced SVG script elements during template compilation (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ff12fe55ace5e861ba261afb4c0480ff3c40a192\"\u003eff12fe55ac\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003enormalize tag names in runtime i18n attribute security context lookup (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/e6fe77cc97fd10351687416f938bf754aff4eb9f\"\u003ee6fe77cc97\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize meta selectors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/daaf32937fd5c46e411b26f7c082613716fe9550\"\u003edaaf32937f\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esupport prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/dada86e43d847204f714d1a933084617ab941c0a\"\u003edada86e43d\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esynchronize core sanitization schema with compiler (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/582a417bd27fdaf989e5065dbcdf1ad752faf70c\"\u003e582a417bd2\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eexclude withCredentials requests from transfer cache\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5c6d6df34bbeff3ce98f3b35875444f925cc8f51\"\u003e5c6d6df34b\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eskip TransferCache for cookie-bearing requests by default\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eplatform-server\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/37e8aadf87b4facfcaf002a1557f8c393a362d97\"\u003e37e8aadf87\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent SSRF bypasses via backslash URLs in HttpClient\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/72696e244ed7646cca9ab9afc7769a2163943bda\"\u003e72696e244e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esecure location and document initialization against SSRF and path hijack\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eservice-worker\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b8bd49341ddcee10d119a9d4aa8e5736e4e5da53\"\u003eb8bd49341d\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ePreserves explicit 'credentials: omit' in asset requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ca32fc10001301e6174804f9abcfba62252334f4\"\u003eca32fc1000\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ePreserves HTTP cache mode in asset group requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e19.2.24 (2026-05-28)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/6ea6379123a7b0e191f8b9f66dfb74ca29659a6c\"\u003e6ea6379123\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent namespaced SVG \u003c!-- raw HTML omitted --\u003e elements from being stripped\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e20.3.23 (2026-05-28)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/eb1cbbf2eb5833219a367a61c04eb07aaa36cc29\"\u003e\u003ccode\u003eeb1cbbf\u003c/code\u003e\u003c/a\u003e fix(compiler): prevent namespaced SVG \u0026lt;style\u0026gt; elements from being stripped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/29ceeffd40a2250eb51ac34af22d49e85b878922\"\u003e\u003ccode\u003e29ceeff\u003c/code\u003e\u003c/a\u003e docs: fix typos in source code comments\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/782e01594e2ad9134c7385dcf3b518101b23ccab\"\u003e\u003ccode\u003e782e015\u003c/code\u003e\u003c/a\u003e fix(compiler): strip namespaced SVG script elements during template compilati...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/ff12fe55ace5e861ba261afb4c0480ff3c40a192\"\u003e\u003ccode\u003eff12fe5\u003c/code\u003e\u003c/a\u003e fix(core): normalize tag names in runtime i18n attribute security context loo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/0b07f47bd6598ae6bd5b75a375e2c817a3c0f243\"\u003e\u003ccode\u003e0b07f47\u003c/code\u003e\u003c/a\u003e fix(compiler): normalize tag names with custom namespaces in DomElementSchema...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/cc1378d54bd93f3882d732261be8e66720eb71b2\"\u003e\u003ccode\u003ecc1378d\u003c/code\u003e\u003c/a\u003e fix(compiler): sanitize dynamic href and xlink:href bindings on SVG a element...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/daaf32937fd5c46e411b26f7c082613716fe9550\"\u003e\u003ccode\u003edaaf329\u003c/code\u003e\u003c/a\u003e fix(core): support prefix-insensitive DOM schema lookups and compile-time i18...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/68282dff9f9ef46540cca4bd38fc1ab739c8a783\"\u003e\u003ccode\u003e68282df\u003c/code\u003e\u003c/a\u003e fix(compiler): strip namespaced SVG script elements during template compilation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/6652ec0115b20a6f8721137769afac30cd70f9a6\"\u003e\u003ccode\u003e6652ec0\u003c/code\u003e\u003c/a\u003e refactor(core): align namespaced attribute validation and security schema con...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/baf92da96ed73a0f4748edf05d3c0702cab219da\"\u003e\u003ccode\u003ebaf92da\u003c/code\u003e\u003c/a\u003e test: remove invalid css that was causing issues with the postcss parser\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/v21.2.15/packages/compiler\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~google-wombot\"\u003egoogle-wombot\u003c/a\u003e, a new releaser for \u003ccode\u003e@​angular/compiler\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@angular/core` from 4.0.3 to 21.2.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e@​angular/core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e21.2.15\u003c/h2\u003e\n\u003ch3\u003ecommon\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7f4ac78994bff1576ab33f3ce48f95c17f40b4d8\"\u003e\u003cimg src=\"https://img.shields.io/badge/7f4ac78994-fix-green\" alt=\"fix - 7f4ac78994\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eadd upper bounds for digitsInfo\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/300f61feb3a534bfddf16fcbd240f97b32249699\"\u003e\u003cimg src=\"https://img.shields.io/badge/300f61feb3-fix-green\" alt=\"fix - 300f61feb3\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize placeholder\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0b07f47bd6598ae6bd5b75a375e2c817a3c0f243\"\u003e\u003cimg src=\"https://img.shields.io/badge/0b07f47bd6-fix-green\" alt=\"fix - 0b07f47bd6\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003enormalize tag names with custom namespaces in DomElementSchemaRegistry (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/eb1cbbf2eb5833219a367a61c04eb07aaa36cc29\"\u003e\u003cimg src=\"https://img.shields.io/badge/eb1cbbf2eb-fix-green\" alt=\"fix - eb1cbbf2eb\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent namespaced SVG \u003c!-- raw HTML omitted --\u003e elements from being stripped\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cc1378d54bd93f3882d732261be8e66720eb71b2\"\u003e\u003cimg src=\"https://img.shields.io/badge/cc1378d54b-fix-green\" alt=\"fix - cc1378d54b\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize dynamic href and xlink:href bindings on SVG a elements (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/782e01594e2ad9134c7385dcf3b518101b23ccab\"\u003e\u003cimg src=\"https://img.shields.io/badge/782e01594e-fix-green\" alt=\"fix - 782e01594e\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003estrip namespaced SVG script elements during template compilation (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ff12fe55ace5e861ba261afb4c0480ff3c40a192\"\u003e\u003cimg src=\"https://img.shields.io/badge/ff12fe55ac-fix-green\" alt=\"fix - ff12fe55ac\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003enormalize tag names in runtime i18n attribute security context lookup (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/e6fe77cc97fd10351687416f938bf754aff4eb9f\"\u003e\u003cimg src=\"https://img.shields.io/badge/e6fe77cc97-fix-green\" alt=\"fix - e6fe77cc97\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize meta selectors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/daaf32937fd5c46e411b26f7c082613716fe9550\"\u003e\u003cimg src=\"https://img.shields.io/badge/daaf32937f-fix-green\" alt=\"fix - daaf32937f\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esupport prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/dada86e43d847204f714d1a933084617ab941c0a\"\u003e\u003cimg src=\"https://img.shields.io/badge/dada86e43d-fix-green\" alt=\"fix - dada86e43d\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esynchronize core sanitization schema with compiler (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/582a417bd27fdaf989e5065dbcdf1ad752faf70c\"\u003e\u003cimg src=\"https://img.shields.io/badge/582a417bd2-fix-green\" alt=\"fix - 582a417bd2\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eexclude withCredentials requests from transfer cache\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5c6d6df34bbeff3ce98f3b35875444f925cc8f51\"\u003e\u003cimg src=\"https://img.shields.io/badge/5c6d6df34b-fix-green\" alt=\"fix - 5c6d6df34b\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eskip TransferCache for cookie-bearing requests by default\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eplatform-server\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/37e8aadf87b4facfcaf002a1557f8c393a362d97\"\u003e\u003cimg src=\"https://img.shields.io/badge/37e8aadf87-fix-green\" alt=\"fix - 37e8aadf87\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent SSRF bypasses via backslash URLs in HttpClient\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/72696e244ed7646cca9ab9afc7769a2163943bda\"\u003e\u003cimg src=\"https://img.shields.io/badge/72696e244e-fix-green\" alt=\"fix - 72696e244e\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esecure location and document initialization against SSRF and path hijack\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eservice-worker\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b8bd49341ddcee10d119a9d4aa8e5736e4e5da53\"\u003e\u003cimg src=\"https://img.shields.io/badge/b8bd49341d-fix-green\" alt=\"fix - b8bd49341d\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ePreserves explicit 'credentials: omit' in asset requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ca32fc10001301e6174804f9abcfba62252334f4\"\u003e\u003cimg src=\"https://img.shields.io/badge/ca32fc1000-fix-green\" alt=\"fix - ca32fc1000\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ePreserves HTTP cache mode in asset group requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e21.2.14\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/68282dff9f9ef46540cca4bd38fc1ab739c8a783\"\u003e\u003cimg src=\"https://img.shields.io/badge/68282dff9f-fix-green\" alt=\"fix - 68282dff9f\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003estrip namespaced SVG script elements during template compilation\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/c0f52272ed337d4776bd4178cbbdc7f32037500f\"\u003e\u003cimg src=\"https://img.shields.io/badge/c0f52272ed-fix-green\" alt=\"fix - c0f52272ed\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003edo not insert todo when migrating void \u003ca href=\"https://github.com/Output\"\u003e\u003ccode\u003e@​Output\u003c/code\u003e\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/938a7f3eddda97a39edb9edcc8b4dd970858b3a2\"\u003e\u003cimg src=\"https://img.shields.io/badge/938a7f3edd-fix-green\" alt=\"fix - 938a7f3edd\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003emakes resource URL sanitizer lookup case-insensitive\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0fb272419407a64a0a47096b03a911f4e7e83d79\"\u003e\u003cimg src=\"https://img.shields.io/badge/0fb2724194-fix-green\" alt=\"fix - 0fb2724194\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ereject script element as a dynamic component host\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/49113ac0eff852d987b5acb28a9bbda0242842cd\"\u003e\u003cimg src=\"https://img.shields.io/badge/49113ac0ef-fix-green\" alt=\"fix - 49113ac0ef\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003evisit ICU expressions in signal migration schematics\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003erouter\u003c/h3\u003e\n\u003cp\u003e| Commit | Description |\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e@​angular/core's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e21.2.15 (2026-05-28)\u003c/h1\u003e\n\u003ch3\u003ecommon\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7f4ac78994bff1576ab33f3ce48f95c17f40b4d8\"\u003e7f4ac78994\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eadd upper bounds for digitsInfo\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/300f61feb3a534bfddf16fcbd240f97b32249699\"\u003e300f61feb3\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize placeholder\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0b07f47bd6598ae6bd5b75a375e2c817a3c0f243\"\u003e0b07f47bd6\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003enormalize tag names with custom namespaces in DomElementSchemaRegistry (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/eb1cbbf2eb5833219a367a61c04eb07aaa36cc29\"\u003eeb1cbbf2eb\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent namespaced SVG \u003c!-- raw HTML omitted --\u003e elements from being stripped\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cc1378d54bd93f3882d732261be8e66720eb71b2\"\u003ecc1378d54b\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize dynamic href and xlink:href bindings on SVG a elements (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/782e01594e2ad9134c7385dcf3b518101b23ccab\"\u003e782e01594e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003estrip namespaced SVG script elements during template compilation (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ff12fe55ace5e861ba261afb4c0480ff3c40a192\"\u003eff12fe55ac\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003enormalize tag names in runtime i18n attribute security context lookup (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/e6fe77cc97fd10351687416f938bf754aff4eb9f\"\u003ee6fe77cc97\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize meta selectors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/daaf32937fd5c46e411b26f7c082613716fe9550\"\u003edaaf32937f\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esupport prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/dada86e43d847204f714d1a933084617ab941c0a\"\u003edada86e43d\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esynchronize core sanitization schema with compiler (\u003ca href=\"https://redirect.github.com/angular/angular/pull/68925\"\u003e#68925\u003c/a\u003e)\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/582a417bd27fdaf989e5065dbcdf1ad752faf70c\"\u003e582a417bd2\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eexclude withCredentials requests from transfer cache\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5c6d6df34bbeff3ce98f3b35875444f925cc8f51\"\u003e5c6d6df34b\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eskip TransferCache for cookie-bearing requests by default\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eplatform-server\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/37e8aadf87b4facfcaf002a1557f8c393a362d97\"\u003e37e8aadf87\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent SSRF bypasses via backslash URLs in HttpClient\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/72696e244ed7646cca9ab9afc7769a2163943bda\"\u003e72696e244e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esecure location and document initialization against SSRF and path hijack\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eservice-worker\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b8bd49341ddcee10d119a9d4aa8e5736e4e5da53\"\u003eb8bd49341d\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ePreserves explicit 'credentials: omit' in asset requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ca32fc10001301e6174804f9abcfba62252334f4\"\u003eca32fc1000\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ePreserves HTTP cache mode in asset group requests\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e19.2.24 (2026-05-28)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/6ea6379123a7b0e191f8b9f66dfb74ca29659a6c\"\u003e6ea6379123\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent namespaced SVG \u003c!-- raw HTML omitted --\u003e elements from being stripped\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e20.3.23 (2026-05-28)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/29ceeffd40a2250eb51ac34af22d49e85b878922\"\u003e\u003ccode\u003e29ceeff\u003c/code\u003e\u003c/a\u003e docs: fix typos in source code comments\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/251c8f27409e05b540bf9a27ab90c8c0c7efdbca\"\u003e\u003ccode\u003e251c8f2\u003c/code\u003e\u003c/a\u003e test(core): remove obsolete SVG script sanitization translation test (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/dada86e43d847204f714d1a933084617ab941c0a\"\u003e\u003ccode\u003edada86e\u003c/code\u003e\u003c/a\u003e fix(core): synchronize core sanitization schema with compiler (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/68925\"\u003e#68925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/782e01594e2ad9134c7385dcf3b518101b23ccab\"\u003e\u003ccode\u003e782e015\u003c/code\u003e\u003c/a\u003e fix(compiler): strip namespaced SVG script elements during template compilati...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/ff12fe55ace5e861ba261afb4c0480ff3c40a192\"\u003e\u003ccode\u003eff12fe5\u003c/code\u003e\u003c/a\u003e fix(core): normalize tag names in runtime i18n attribute security context loo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/0b07f47bd6598ae6bd5b75a375e2c817a3c0f243\"\u003e\u003ccode\u003e0b07f47\u003c/code\u003e\u003c/a\u003e fix(compiler): normalize tag names with custom namespaces in DomElementSchema...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/cc1378d54bd93f3882d732261be8e66720eb71b2\"\u003e\u003ccode\u003ecc1378d\u003c/code\u003e\u003c/a\u003e fix(compiler): sanitize dynamic href and xlink:href bindings on SVG a element...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/daaf32937fd5c46e411b26f7c082613716fe9550\"\u003e\u003ccode\u003edaaf329\u003c/code\u003e\u003c/a\u003e fix(core): support prefix-insensitive DOM schema lookups and compile-time i18...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/1d6e71dd788ebda5d9bb9d3c560cc27bb503f44b\"\u003e\u003ccode\u003e1d6e71d\u003c/code\u003e\u003c/a\u003e docs: clarify ngDoCheck invocation behavior with OnPush strategy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/49113ac0eff852d987b5acb28a9bbda0242842cd\"\u003e\u003ccode\u003e49113ac\u003c/code\u003e\u003c/a\u003e fix(core): visit ICU expressions in signal migration schematics\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/v21.2.15/packages/core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~google-wombot\"\u003egoogle-wombot\u003c/a\u003e, a new releaser for \u003ccode\u003e@​angular/core\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.18.3 to 8.21.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.21.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduced the \u003ccode\u003emaxBufferedChunks\u003c/code\u003e and \u003ccode\u003emaxFragments\u003c/code\u003e options (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a remote memory exhaustion DoS vulnerability (2b2abd45).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eA high volume of tiny fragments and data chunks could be sent by a peer, using\nmodest network traffic, to crash a \u003ccode\u003ews\u003c/code\u003e server or client due to OOM.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer({ port: 0 }, function () {\nconst data = Buffer.alloc(1);\nconst options = { fin: false };\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e);\u003c/p\u003e\n\u003cp\u003ews.on('open', function () {\n(function send() {\nws.send(data, options, function (err) {\nif (err) return;\nsend();\n});\n})();\n});\u003c/p\u003e\n\u003cp\u003ews.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eclient close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.on('error', console.error);\nws.on('close', function (code, reason) {\nconsole.log(\u003ccode\u003eserver close - code: ${code} reason: ${reason.toString()}\u003c/code\u003e);\n});\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe vulnerability was responsibly disclosed and fixed by \u003ca href=\"https://github.com/Nadav0077\"\u003eNadav Magier\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eIn vulnerable versions, the issue can be mitigated by lowering the value of the\n\u003ccode\u003emaxPayload\u003c/code\u003e option if possible.\u003c/p\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/bca91adf15677e47dbe4f959653452727be28b94\"\u003e\u003ccode\u003ebca91ad\u003c/code\u003e\u003c/a\u003e [dist] 8.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/2b2abd458a1b647d0b6033bd62a619c36189839a\"\u003e\u003ccode\u003e2b2abd4\u003c/code\u003e\u003c/a\u003e [security] Limit retained message parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/78eabe2a6677b231bf9c82601bde86ff91639490\"\u003e\u003ccode\u003e78eabe2\u003c/code\u003e\u003c/a\u003e [security] Add latest vulnerability to SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/843925544e2f4cffe445e0179947f56d6c5b608f\"\u003e\u003ccode\u003e8439255\u003c/code\u003e\u003c/a\u003e [dist] 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d3503c1fd36a310985108f62b343bae18346ab67\"\u003e\u003ccode\u003ed3503c1\u003c/code\u003e\u003c/a\u003e [minor] Export the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and header utils\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.18.3...8.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `electron` from 17.4.11 to 39.8.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/electron/electron/releases\"\u003eelectron's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eelectron v39.8.5\u003c/h2\u003e\n\u003ch1\u003eRelease Notes for v39.8.5\u003c/h1\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a crash in \u003ccode\u003eclipboard.readImage()\u003c/code\u003e when the clipboard contains malformed image data. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50493\"\u003e#50493\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50491\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50492\"\u003e41\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50494\"\u003e42\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eFixed a crash when calling an offscreen shared texture's \u003ccode\u003erelease()\u003c/code\u003e after the texture object was garbage collected. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50499\"\u003e#50499\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50500\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50501\"\u003e41\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50502\"\u003e42\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eelectron v39.8.4\u003c/h2\u003e\n\u003ch1\u003eRelease Notes for v39.8.4\u003c/h1\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where \u003ccode\u003enodeIntegrationInWorker\u003c/code\u003e overrides in \u003ccode\u003esetWindowOpenHandler\u003c/code\u003e were not honored for child windows sharing a renderer process with their opener. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50468\"\u003e#50468\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50163\"\u003e38\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50467\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50134\"\u003e41\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eFixed crash when handling JavaScript dialogs from windows opened with invalid or empty URLs. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50400\"\u003e#50400\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50401\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50399\"\u003e41\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50398\"\u003e42\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eFixed improper focus tracking in BaseWindow on MacOS. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50338\"\u003e#50338\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50337\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50340\"\u003e41\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50339\"\u003e42\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eFixed window freeze when failing to enter/exit fullscreen on macOS. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50341\"\u003e#50341\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50344\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50343\"\u003e41\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50342\"\u003e42\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for using a proxy during yarn install. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50349\"\u003e#50349\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50352\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50350\"\u003e41\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50351\"\u003e42\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eBackported fix for 485935305. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50440\"\u003e#50440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackported fix for 489381399. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50443\"\u003e#50443\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackported fix for chromium:475877320. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50436\"\u003e#50436\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackported fixes for 484751092, 487117772. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50461\"\u003e#50461\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eelectron v39.8.3\u003c/h2\u003e\n\u003ch1\u003eRelease Notes for v39.8.3\u003c/h1\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded additional ASAR support to additional \u003ccode\u003efs\u003c/code\u003e copy methods. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50284\"\u003e#50284\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50287\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50286\"\u003e41\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50285\"\u003e42\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eFixed user resizing of transparent windows on win32 platform. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50300\"\u003e#50300\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50301\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50298\"\u003e41\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50299\"\u003e42\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eelectron v39.8.2\u003c/h2\u003e\n\u003ch1\u003eRelease Notes for v39.8.2\u003c/h1\u003e\n\u003ch2\u003eOther Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackported fix for b/491421267. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50230\"\u003e#50230\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eelectron v39.8.1\u003c/h2\u003e\n\u003ch1\u003eRelease Notes for v39.8.1\u003c/h1\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded validation to protocol client methods to reject protocol names that do not conform to the RFC 3986 URI scheme grammar. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50156\"\u003e#50156\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50157\"\u003e38\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50158\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50155\"\u003e41\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue on macOS where calling \u003ccode\u003eautoUpdater.quitAndInstall()\u003c/code\u003e could fail if \u003ccode\u003echeckForUpdates()\u003c/code\u003e was called again after an update was already downloaded. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50215\"\u003e#50215\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50216\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50217\"\u003e41\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue where Chrome Devtools menus may not appear in certain embedded windows. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50136\"\u003e#50136\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50138\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50137\"\u003e41\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue where \u003ccode\u003eadditionalData\u003c/code\u003e passed to \u003ccode\u003eapp.requestSingleInstanceLock\u003c/code\u003e on Windows could be truncated or fail to deserialize in the primary instance's \u003ccode\u003esecond-instance\u003c/code\u003e event. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50174\"\u003e#50174\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50177\"\u003e38\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50162\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50154\"\u003e41\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue where \u003ccode\u003escreen.getCursorScreenPoint()\u003c/code\u003e crashed on Wayland when it was called before a \u003ccode\u003eBrowserWindow\u003c/code\u003e had been created. \u003ca href=\"https://redirect.github.com/electron/electron/pull/50106\"\u003e#50106\u003c/a\u003e \u003c!-- raw HTML omitted --\u003e(Also in \u003ca href=\"https://redirect.github.com/electron/electron/pull/50104\"\u003e40\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/electron/electron/pull/50105\"\u003e41\u003c/a\u003e)\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/9d2f8cb4da0d35e2daf7e7f60e35313b508cb224\"\u003e\u003ccode\u003e9d2f8cb\u003c/code\u003e\u003c/a\u003e refactor: remove dead named-window lookup from guest-window-manager (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50498\"\u003e#50498\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/11730047394233e70743c52567e17f4c3b2dc9fc\"\u003e\u003ccode\u003e1173004\u003c/code\u003e\u003c/a\u003e fix: crash calling OSR shared texture release() after texture GC'd (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50499\"\u003e#50499\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/be37adefd08f882e3f1fb8403d2d9e92c3009d56\"\u003e\u003ccode\u003ebe37ade\u003c/code\u003e\u003c/a\u003e fix: crash in clipboard.readImage() on malformed image data (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50493\"\u003e#50493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/7007907df08d02da98f513dcbdb430ab51be59c7\"\u003e\u003ccode\u003e7007907\u003c/code\u003e\u003c/a\u003e chore: cherry-pick 3 changes from chromium (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50461\"\u003e#50461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/2c8b6ee0c0a7c26871dc0b320982afd8ed29df6c\"\u003e\u003ccode\u003e2c8b6ee\u003c/code\u003e\u003c/a\u003e chore: cherry-pick fbfb27470bf6 from chromium (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50436\"\u003e#50436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/4c64377ead6b53bc565d7793a2712e49882e5354\"\u003e\u003ccode\u003e4c64377\u003c/code\u003e\u003c/a\u003e chore: cherry-pick 50b057660b4d from chromium (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50440\"\u003e#50440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/0ef056130cde0c19c81ccfbc2932df6911765849\"\u003e\u003ccode\u003e0ef0561\u003c/code\u003e\u003c/a\u003e fix: read nodeIntegrationInWorker from per-frame WebPreferences (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50122\"\u003e#50122\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50\"\u003e#50\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/64373df3ca697bc6fe6e3ab1f463ba05beaf64cf\"\u003e\u003ccode\u003e64373df\u003c/code\u003e\u003c/a\u003e chore: cherry-pick 074d472db745 from chromium (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50443\"\u003e#50443\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/13e44072be367f516cfad36f95d183765174f4bf\"\u003e\u003ccode\u003e13e4407\u003c/code\u003e\u003c/a\u003e fix: don't re-parse URL unnecessarily when handling dialogs (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50400\"\u003e#50400\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/electron/electron/commit/16a038502a4ea0c79976be60bcc8f28a49f1ab99\"\u003e\u003ccode\u003e16a0385\u003c/code\u003e\u003c/a\u003e ci: output build cache hit rate as GHA annotation (\u003ca href=\"https://redirect.github.com/electron/electron/issues/50369\"\u003e#50369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/electron/electron/compare/v17.4.11...v39.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `simple-git` from 1.132.0 to 3.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/steveukx/git-js/releases\"\u003esimple-git's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esimple-git@3.36.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e89a2294: Extend known exploitable configuration keys and per-task environment variables.\u003c/p\u003e\n\u003cp\u003eNote - \u003ccode\u003eParsedVulnerabilities\u003c/code\u003e from \u003ccode\u003eargv-parser\u003c/code\u003e is removed in favour of a readonly array of \u003ccode\u003eVulnerability\u003c/code\u003e to match usage in \u003ccode\u003esimple-git\u003c/code\u003e, rolled into the new \u003ccode\u003evulnerabilityCheck\u003c/code\u003e for simpler access to the identified issues.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/zebbern\"\u003e\u003ccode\u003e@​zebbern\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003ecore.fsmonitor\u003c/code\u003e.\nThanks to \u003ca href=\"https://github.com/kodareef5\"\u003e\u003ccode\u003e@​kodareef5\u003c/code\u003e\u003c/a\u003e for identifying the need to block \u003ccode\u003eGIT_CONFIG_COUNT\u003c/code\u003e environment variables and \u003ccode\u003e--template\u003c/code\u003e / \u003ccode\u003emerge\u003c/code\u003e related config.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1ad57e8: Remove conflicting node:buffer import\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [89a2294]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [675570a]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.1.0\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.35.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0cf9d8c: Improvements for mono-repo publishing pipeline\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0cf9d8c]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/args-pathspec\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.35.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0de400e: Update monorepo version handling during publish\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [0de400e]\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​simple-git/argv-parser\u003c/code\u003e\u003ca href=\"https://github.com/1\"\u003e\u003ccode\u003e@​1\u003c/code\u003e\u003c/a\u003e.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.33.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea263635: Use \u003ccode\u003epathspec\u003c/code\u003e wrappers for remote and local paths when running either \u003ccode\u003egit.clone\u003c/code\u003e or \u003ccode\u003egit.mirror\u003c/code\u003e to\navoid leaving them less open for unexpected outcomes when passing unsanitised data into these tasks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ee253a0d: Enhanced \u003ccode\u003egit -c\u003c/code\u003e checks in \u003ccode\u003eunsafe\u003c/code\u003e plugin.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/JohannesLks\"\u003e\u003ccode\u003e@​JohannesLks\u003c/code\u003e\u003c/a\u003e for identifying the issue\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esimple-git@3.32.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ef704208: Enhanced \u003ccode\u003eprotocol.allow\u003c/code\u003e checks in \u003ccode\u003eallowUnsafeExtProtocol\u003c/code\u003e handling.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSour...\n\n_Description has been truncated_\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nRefresh dependencies in the root and `test/framework/twilio-video-angular` to pick up security fixes and modern APIs. Major upgrades include `electron` 39 and Angular 21.\n\n- **Dependencies**\n  - Root: `electron` → `39.8.5`, `simple-git` → `3.36.0`, `twilio` → `6.0.2`, `inquirer` → `14.0.1`, `vinyl-fs` → `4.0.2`.\n  - Security: `ws` → `8.21.0` (DoS fix), `axios` → `1.x` (indirect), plus minor patches.\n  - Test fixture: `@angular/common`, `@angular/compiler`, `@angular/core` → `21.2.15`.\n\n- **Migration**\n  - Electron: v39 is a major jump from v17. Review breaking changes and retest build/startup.\n  - Angular test app: align all `@angular/*` packages to the same major (v21) and run migrations; Angular 21 requires recent TypeScript and RxJS.\n\n\u003csup\u003eWritten for commit 0665657f26fffa205b53142f36eea084b3d46a89. Summary will update on new commits.\u003c/sup\u003e\n\n\u003ca href=\"https://cubic.dev/pr/EmilynnJ/twilio-video.js/pull/1?utm_source=github\" target=\"_blank\" rel=\"noopener noreferrer\" data-no-image-dialog=\"true\"\u003e\u003cpicture\u003e\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-light.svg\"\u003e\u003cimg alt=\"Review in cubic\" src=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003c/picture\u003e\u003c/a\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n\n\n\u003c!-- Macroscope's pull request summary starts here --\u003e\n\u003c!-- Macroscope will only edit the content between these invisible markers, and the markers themselves will not be visible in the GitHub rendered markdown. --\u003e\n\u003c!-- If you delete either of the start / end markers from your PR's description, Macroscope will append its summary at the bottom of the description. --\u003e\n\u003e [!NOTE]\n\u003e ### Bump npm dependencies including electron, twilio, Angular, and related packages to latest major versions\n\u003e - Updates [package.json](https://github.com/EmilynnJ/twilio-video.js/pull/1/files#diff-7ae45ad102eab3b6d7e7896acd08c427a9b25b346470d7bc6507b6481575d519) with major version bumps: `electron` ^17→^39, `inquirer` ^7→^14, `simple-git` ^1→^3, `twilio` ^3→^6, `vinyl-fs` ^2→^4\n\u003e - Updates the Angular test fixture in [test/framework/twilio-video-angular/package.json](https://github.com/EmilynnJ/twilio-video.js/pull/1/files#diff-67a77c7d13d11f9b3515fa6981c7a0b6c468c9096ef79d8ed89fa82702dd7c38) from Angular 4.0.x to 21.2.x\n\u003e - Risk: multiple major version bumps across core and test dependencies may introduce breaking API changes requiring code updates\n\u003e\n\u003e \u003c!-- Macroscope's review summary starts here --\u003e\n\u003e\n\u003e \u003csup\u003e\u003ca href=\"https://app.macroscope.com\"\u003eMacroscope\u003c/a\u003e summarized 0665657.\u003c/sup\u003e\n\u003e \u003c!-- Macroscope's review summary ends here --\u003e\n\u003e\n\u003c!-- macroscope-ui-refresh --\u003e\n\u003c!-- Macroscope's pull request summary ends here --\u003e","html_url":"https://github.com/EmilynnJ/twilio-video.js/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/EmilynnJ%2Ftwilio-video.js/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.0.4","new_version":"1.0.7","update_type":"patch","path":null,"pr_created_at":"2026-05-30T07:14:28.000Z","version_change":"1.0.4 → 1.0.7","issue":{"uuid":"4553670012","node_id":"PR_kwDOQng5Q87g6KkP","number":3,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 13 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-30T07:14:28.000Z","updated_at":"2026-05-30T07:14:55.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":13,"packages":[{"name":"@protobufjs/utf8","old_version":"1.1.0","new_version":"1.1.1","repository_url":"https://github.com/dcodeIO/protobuf.js"},{"name":"base-x","old_version":"3.0.10","new_version":"3.0.11","repository_url":"https://github.com/cryptocoinjs/base-x"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"express","old_version":"4.19.2","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"fast-uri","old_version":"3.0.1","new_version":"3.1.2","repository_url":"https://github.com/fastify/fast-uri"},{"name":"follow-redirects","old_version":"1.15.6","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"min-document","old_version":"2.19.0","new_version":"2.19.2","repository_url":"https://github.com/Raynos/min-document"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.6","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 11 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@protobufjs/utf8](https://github.com/dcodeIO/protobuf.js) | `1.1.0` | `1.1.1` |\n| [base-x](https://github.com/cryptocoinjs/base-x) | `3.0.10` | `3.0.11` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [express](https://github.com/expressjs/express) | `4.19.2` | `4.22.2` |\n| [fast-uri](https://github.com/fastify/fast-uri) | `3.0.1` | `3.1.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.6` | `1.16.0` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [min-document](https://github.com/Raynos/min-document) | `2.19.0` | `2.19.2` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.6` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n\n\nUpdates `@protobufjs/utf8` from 1.1.0 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dcodeIO/protobuf.js/releases\"\u003e@​protobufjs/utf8's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eprotobufjs-cli: v1.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/compare/protobufjs-cli-v1.1.0...protobufjs-cli-v1.1.1\"\u003e1.1.1\u003c/a\u003e (2023-02-02)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecli:\u003c/strong\u003e fix relative path to Google pb files (\u003ca href=\"https://redirect.github.com/protobufjs/protobuf.js/issues/1859\"\u003e#1859\u003c/a\u003e) (\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e42eea4868b11f4a07934804a56683321ed191e2\"\u003ee42eea4\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/ab3862d133ab9b824f12eab5f993784333543dbf\"\u003e\u003ccode\u003eab3862d\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/dcodeIO/protobuf.js/issues/2255\"\u003e#2255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/0853a625680f9247596b84ef48082b8f4e554797\"\u003e\u003ccode\u003e0853a62\u003c/code\u003e\u003c/a\u003e fix: Backport bundler-safe optional module lookups (\u003ca href=\"https://redirect.github.com/dcodeIO/protobuf.js/issues/2254\"\u003e#2254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/d7035f9b7f06210ea343cab1f2f1cc18ee5cc1d6\"\u003e\u003ccode\u003ed7035f9\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/dcodeIO/protobuf.js/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/54b593ffd960f7fe4b0c448a12542c3de0a0cf26\"\u003e\u003ccode\u003e54b593f\u003c/code\u003e\u003c/a\u003e fix: Backport parser hardening to 7.x (\u003ca href=\"https://redirect.github.com/dcodeIO/protobuf.js/issues/2245\"\u003e#2245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/e88fcea1635f79c414e8a070e164d38ea99e104a\"\u003e\u003ccode\u003ee88fcea\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/dcodeIO/protobuf.js/issues/2239\"\u003e#2239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/cc7d59559d4e8c533a35218310c67f4a5dda54f5\"\u003e\u003ccode\u003ecc7d595\u003c/code\u003e\u003c/a\u003e fix: Restore first-match namespace lookup (\u003ca href=\"https://redirect.github.com/dcodeIO/protobuf.js/issues/2236\"\u003e#2236\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/3abc9b54d67a7102785c6dfd8bf6610f545d445b\"\u003e\u003ccode\u003e3abc9b5\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/dcodeIO/protobuf.js/issues/2190\"\u003e#2190\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/a0bf2dfdd8a75aa62ce5a1ff47a52b9b8f1ea793\"\u003e\u003ccode\u003ea0bf2df\u003c/code\u003e\u003c/a\u003e fix: Update CLI peer dependency (7.x) (\u003ca href=\"https://redirect.github.com/dcodeIO/protobuf.js/issues/2189\"\u003e#2189\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/2189e5beeca6a70e4c104dfdb9fb8200bc5f81fe\"\u003e\u003ccode\u003e2189e5b\u003c/code\u003e\u003c/a\u003e chore: release protobufjs-v7.x (\u003ca href=\"https://redirect.github.com/dcodeIO/protobuf.js/issues/2174\"\u003e#2174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/protobufjs/protobuf.js/commit/75392ea1b78bdc4faba027b5db44ad7c50e9c454\"\u003e\u003ccode\u003e75392ea\u003c/code\u003e\u003c/a\u003e fix: Backport input hardening and CLI fixes to 7.x (\u003ca href=\"https://redirect.github.com/dcodeIO/protobuf.js/issues/2173\"\u003e#2173\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dcodeIO/protobuf.js/compare/protobufjs-cli-v1.1.0...fetch-v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `base-x` from 3.0.10 to 3.0.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/043a888a9bae09bc4b40500e37792e2c6398e9f2\"\u003e\u003ccode\u003e043a888\u003c/code\u003e\u003c/a\u003e 3.0.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/2705dddd2565b455641985974b534291d8defb31\"\u003e\u003ccode\u003e2705ddd\u003c/code\u003e\u003c/a\u003e [backport 3.x] Prohibit char codes that would overflow the \u003ccode\u003eBASE_MAP\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cryptocoinjs/base-x/compare/v3.0.10...v3.0.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.19.2 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.19.2...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-uri` from 3.0.1 to 3.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fast-uri/releases\"\u003efast-uri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.2\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc\"\u003ehttps://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHandle malformed fragment decoding as a parse error by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/171\"\u003efastify/fast-uri#171\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2\"\u003ehttps://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6\"\u003ehttps://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump tsd from 0.32.0 to 0.33.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/148\"\u003efastify/fast-uri#148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/149\"\u003efastify/fast-uri#149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(.npmrc): ignore scripts by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/150\"\u003efastify/fast-uri#150\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): remove \u003ccode\u003e@​fastify/pre-commit\u003c/code\u003e by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/151\"\u003efastify/fast-uri#151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/152\"\u003efastify/fast-uri#152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): add concurrency config by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/153\"\u003efastify/fast-uri#153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/154\"\u003efastify/fast-uri#154\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/156\"\u003efastify/fast-uri#156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/159\"\u003efastify/fast-uri#159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estyle: remove trailing whitespace by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/161\"\u003efastify/fast-uri#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: remove unused github files by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/162\"\u003efastify/fast-uri#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update readme by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/164\"\u003efastify/fast-uri#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-manager.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/165\"\u003efastify/fast-uri#165\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/166\"\u003efastify/fast-uri#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/167\"\u003efastify/fast-uri#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/169\"\u003efastify/fast-uri#169\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/162\"\u003efastify/fast-uri#162\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.1\"\u003ehttps://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: remove master branch support by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/126\"\u003efastify/fast-uri#126\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(test) remove .gitkeep by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/128\"\u003efastify/fast-uri#128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): set job permissions by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/129\"\u003efastify/fast-uri#129\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: set permissions at workflow level by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/131\"\u003efastify/fast-uri#131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: set workflow permissions to read-only by default by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/132\"\u003efastify/fast-uri#132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): restore job level permissions by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/133\"\u003efastify/fast-uri#133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump tsd from 0.31.2 to 0.32.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/134\"\u003efastify/fast-uri#134\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): pin actions to commit-hash by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/135\"\u003efastify/fast-uri#135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add node 24 to test matrix by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/136\"\u003efastify/fast-uri#136\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/919dd8ea7689fcc220d0d9b71307f5095e723ef9\"\u003e\u003ccode\u003e919dd8e\u003c/code\u003e\u003c/a\u003e Bumped v3.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/c65ba573714af6b8e19e481d9444c27bc4355d07\"\u003e\u003ccode\u003ec65ba57\u003c/code\u003e\u003c/a\u003e fixup: linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/6c86c17c3d76fb93aa3700ec6c0fa00faeb97293\"\u003e\u003ccode\u003e6c86c17\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/a95158ad308df4d92bbde4eba699ce5165e9f796\"\u003e\u003ccode\u003ea95158a\u003c/code\u003e\u003c/a\u003e Handle malformed fragment decoding without throwing (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/171\"\u003e#171\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/cea547c91c6aae610041b17b75792ca4aa035a6d\"\u003e\u003ccode\u003ecea547c\u003c/code\u003e\u003c/a\u003e Bumped v3.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/876ce79b662c3e5015e4e7dffe6f37752ad34f35\"\u003e\u003ccode\u003e876ce79\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/dcdf690b71a7bb3a19887ada65a9ab160d83bcc0\"\u003e\u003ccode\u003edcdf690\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/169\"\u003e#169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/c860e6589b1ac346f66e114b4eadb9613768108c\"\u003e\u003ccode\u003ec860e65\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/167\"\u003e#167\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/9b4c6dc82fde0ca44e674403ece9185d85bb6d5f\"\u003e\u003ccode\u003e9b4c6dc\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/166\"\u003e#166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/85d09a9f7aa76b32c2bb005a90a71e144c361d24\"\u003e\u003ccode\u003e85d09a9\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-mana...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.0.1...v3.1.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.15.6 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.15.6...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `min-document` from 2.19.0 to 2.19.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/0d14150640e4dd159e092eb551b3aca8f3378991\"\u003e\u003ccode\u003e0d14150\u003c/code\u003e\u003c/a\u003e 2.19.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/49c2e0607bece7a041b8935bfb044ce6b65777d8\"\u003e\u003ccode\u003e49c2e06\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Raynos/min-document/issues/56\"\u003e#56\u003c/a\u003e from wasabina67/fix/prototype-pollution-removeAttribut...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/966646172d9063f880aeaf79882edfc3a0ceaca4\"\u003e\u003ccode\u003e9666461\u003c/code\u003e\u003c/a\u003e Fix prototype pollution vulnerability in removeAttributeNS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/4490b40cbb19feb26b09f217690a0969d1a89d51\"\u003e\u003ccode\u003e4490b40\u003c/code\u003e\u003c/a\u003e 2.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/2cd587153733d3346365df6033067f64f07690f5\"\u003e\u003ccode\u003e2cd5871\u003c/code\u003e\u003c/a\u003e update ignore\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/fe32e8da464cef622528725f647029a8fd7d95a6\"\u003e\u003ccode\u003efe32e8d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Raynos/min-document/issues/55\"\u003e#55\u003c/a\u003e from jameswassink/fix/prototype-pollution-removeAttrib...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/6c5f31aa57e2122fcedd4c7eae58b82f477e09f5\"\u003e\u003ccode\u003e6c5f31a\u003c/code\u003e\u003c/a\u003e Better prototype pollution fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/0d4e8192ef723fb869645256102a56ed922efd68\"\u003e\u003ccode\u003e0d4e819\u003c/code\u003e\u003c/a\u003e Fix prototype pollution in removeAttributeNS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/bf7b69130a364b5c6fcb8e623bffe43054994c65\"\u003e\u003ccode\u003ebf7b691\u003c/code\u003e\u003c/a\u003e Update package.json\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Raynos/min-document/commit/1b5402dcd5df3bf2575e71d463baa44dc2c05571\"\u003e\u003ccode\u003e1b5402d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Raynos/min-document/issues/49\"\u003e#49\u003c/a\u003e from PixnBits/patch-1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Raynos/min-document/compare/v2.19.0...v2.19.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pbkdf2` from 3.1.2 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md\"\u003epbkdf2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.5...v3.1.6\"\u003ev3.1.6\u003c/a\u003e - 2026-05-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[New] add TypeScript type declarations \u003ca href=\"https://github.com/browserify/pbkdf2/commit/fb1f74746f8f1ab171d7d43ede48eeca9e694ce3\"\u003e\u003ccode\u003efb1f747\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] coerce \u003ccode\u003e-0\u003c/code\u003e keylen to \u003ccode\u003e+0\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7c4a4959142269cbfae8b1448e3a5848b84ac2f4\"\u003e\u003ccode\u003e7c4a495\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3cce1691f5021a70673ecb8833f729c1840cd38\"\u003e\u003ccode\u003ee3cce16\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix an error \u003ca href=\"https://github.com/browserify/pbkdf2/commit/f6b0e424257980e3331da18bd7d1ed3232d17afd\"\u003e\u003ccode\u003ef6b0e42\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix \u003ccode\u003enpm run postlint\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/b729629ca1ced08e42ecd5419a7971f20307ebb5\"\u003e\u003ccode\u003eb729629\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/5e0cf517d1124dd42df315b0cc5cc6219426350b\"\u003e\u003ccode\u003e5e0cf51\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/1c3b1f526b052a29b3b42120c9821895772df7e8\"\u003e\u003ccode\u003e1c3b1f5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge \u003ca href=\"https://github.com/browserify/pbkdf2/commit/528bd3861dda05e2d7e1ef7cbb724baca43766e3\"\u003e\u003ccode\u003e528bd38\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.4...v3.1.5\"\u003ev3.1.5\u003c/a\u003e - 2025-09-23\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] only allow finite iterations \u003ca href=\"https://github.com/browserify/pbkdf2/commit/67bd94dbbf21b93f5e282ee910728945c8ef2827\"\u003e\u003ccode\u003e67bd94d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] restore node 0.10 support \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8f59d962f71dcb2cc14067d7f514ff96e3406f81\"\u003e\u003ccode\u003e8f59d96\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] check parameters before the \u0026quot;no Promise\u0026quot; bailout \u003ca href=\"https://github.com/browserify/pbkdf2/commit/d2dc5f052cacadf3d4a09d87164158da875ca740\"\u003e\u003ccode\u003ed2dc5f0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.3...v3.1.4\"\u003ev3.1.4\u003c/a\u003e - 2025-09-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ecreate-hash\u003c/code\u003e, \u003ccode\u003eripemd160\u003c/code\u003e, \u003ccode\u003esha.js\u003c/code\u003e, \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8dbf49b38235066c565a92eaf3722720a1333a2d\"\u003e\u003ccode\u003e8dbf49b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] update repo URLs \u003ca href=\"https://github.com/browserify/pbkdf2/commit/d15bc351de0edbed394d2a6189176960aaa0d050\"\u003e\u003ccode\u003ed15bc35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/aaf870b1d1855e6a381af05021f304294a79f7c9\"\u003e\u003ccode\u003eaaf870b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.2...v3.1.3\"\u003ev3.1.3\u003c/a\u003e - 2025-06-20\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8b067308eedcc3b7da3e06202d437ff532de75bd\"\u003e\u003ccode\u003e8b06730\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix whitespace \u003ca href=\"https://github.com/browserify/pbkdf2/commit/9a76e2f37ef4541aeff92d97b7335b7fa6e989a8\"\u003e\u003ccode\u003e9a76e2f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix parens/curlies/semis/etc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/6fd84bf64a423d207d9e665f3e9fd88b148c4480\"\u003e\u003ccode\u003e6fd84bf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/796c38d428ed9546e7ddfbb38322faa99921d716\"\u003e\u003ccode\u003e796c38d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node 17 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/3661fb0156177bfe380c7bcc133917e7ee501bc7\"\u003e\u003ccode\u003e3661fb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;[Tests] fix tests in node \u0026lt; 3\u0026quot; \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7431b5766805cbf880c1b3d0f38d484357844ff7\"\u003e\u003ccode\u003e7431b57\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests in node \u0026lt; 3 \u003ca href=\"https://github.com/browserify/pbkdf2/commit/eb9f97a66ed83836bebc4ff563a1588248708501\"\u003e\u003ccode\u003eeb9f97a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] ensure unknown algorithms throw + known ones match node \u003ca href=\"https://github.com/browserify/pbkdf2/commit/26d4fd391e00ed806840ea1ef7341937985f4ba8\"\u003e\u003ccode\u003e26d4fd3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add GHA, always run nyc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/513906a735e80a0e125e1a3363c5dbe90bb34bb7\"\u003e\u003ccode\u003e513906a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] fix a few more rules \u003ca href=\"https://github.com/browserify/pbkdf2/commit/ab04da834a0342cb3779486314fa67ebc1e3f035\"\u003e\u003ccode\u003eab04da8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[lint] switch to eslint \u003ca href=\"https://github.com/browserify/pbkdf2/commit/89694cf7e4062a8c924fbe74ad2b2d3cf78f1715\"\u003e\u003ccode\u003e89694cf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add coverage \u003ca href=\"https://github.com/browserify/pbkdf2/commit/d0d534bfdc4db6d6ea9f719606ad18a78db6c124\"\u003e\u003ccode\u003ed0d534b\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb\"\u003e\u003ccode\u003ee3102a8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[readme] improve badges \u003ca href=\"https://github.com/browserify/pbkdf2/commit/fca0c9d4c5b053d911315a3607367d1db9f9f605\"\u003e\u003ccode\u003efca0c9d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] remove unused travis file \u003ca href=\"https://github.com/browserify/pbkdf2/commit/a2c7d93bbcad73c49dad0c18fef6b8a4af8c3310\"\u003e\u003ccode\u003ea2c7d93\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] switch from \u003ccode\u003efiles\u003c/code\u003e to \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/pbkdf2/commit/7f31fbca528fa5af3b7d3910daf09a7e5ed8adb4\"\u003e\u003ccode\u003e7f31fbc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] use .nycrc \u003ca href=\"https://github.com/browserify/pbkdf2/commit/8d628e8d5559b4acd4d4a714afb04a2990f901b7\"\u003e\u003ccode\u003e8d628e8\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/ea4768bd09be327904b4ac075d9328c7c7ee2404\"\u003e\u003ccode\u003eea4768b\u003c/code\u003e\u003c/a\u003e v3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/b729629ca1ced08e42ecd5419a7971f20307ebb5\"\u003e\u003ccode\u003eb729629\u003c/code\u003e\u003c/a\u003e [Tests] fix \u003ccode\u003enpm run postlint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/7c4a4959142269cbfae8b1448e3a5848b84ac2f4\"\u003e\u003ccode\u003e7c4a495\u003c/code\u003e\u003c/a\u003e [Fix] coerce \u003ccode\u003e-0\u003c/code\u003e keylen to \u003ccode\u003e+0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/5e0cf517d1124dd42df315b0cc5cc6219426350b\"\u003e\u003ccode\u003e5e0cf51\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/1c3b1f526b052a29b3b42120c9821895772df7e8\"\u003e\u003ccode\u003e1c3b1f5\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/e3cce1691f5021a70673ecb8833f729c1840cd38\"\u003e\u003ccode\u003ee3cce16\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003e@types/node\u003c/code\u003e, \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/f6b0e424257980e3331da18bd7d1ed3232d17afd\"\u003e\u003ccode\u003ef6b0e42\u003c/code\u003e\u003c/a\u003e [eslint] fix an error\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/fb1f74746f8f1ab171d7d43ede48eeca9e694ce3\"\u003e\u003ccode\u003efb1f747\u003c/code\u003e\u003c/a\u003e [New] add TypeScript type declarations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/528bd3861dda05e2d7e1ef7cbb724baca43766e3\"\u003e\u003ccode\u003e528bd38\u003c/code\u003e\u003c/a\u003e [readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/pbkdf2/commit/36879052911703147a6dfa5e97422126bf3cda5b\"\u003e\u003ccode\u003e3687905\u003c/code\u003e\u003c/a\u003e v3.1.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/browserify/pbkdf2/compare/v3.1.2...v3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for pbkdf2 since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 2.3.1 to 2.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.3.2\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: exception when glob pattern contains constructor by \u003ca href=\"https://github.com/Jason3S\"\u003e\u003ccode\u003e@​Jason3S\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/micromatch/picomatch/pull/144\"\u003emicromatch/picomatch#144\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ehttps://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md\"\u003epicomatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease history\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eAll notable changes to this project will be documented in this file.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"http://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"http://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003eChangelogs are for humans, not machines.\u003c/li\u003e\n\u003cli\u003eThere should be an entry for every single version.\u003c/li\u003e\n\u003cli\u003eThe same types of changes should be grouped.\u003c/li\u003e\n\u003cli\u003eVersions and sections should be linkable.\u003c/li\u003e\n\u003cli\u003eThe latest version comes first.\u003c/li\u003e\n\u003cli\u003eThe release date of each versions is displayed.\u003c/li\u003e\n\u003cli\u003eMention whether you follow Semantic Versioning.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eChangelog entries are classified using the following labels \u003cem\u003e(from \u003ca href=\"http://keepachangelog.com/\"\u003ekeep-a-changelog\u003c/a\u003e\u003c/em\u003e):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAdded\u003c/code\u003e for new features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eChanged\u003c/code\u003e for changes in existing functionality.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDeprecated\u003c/code\u003e for soon-to-be removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRemoved\u003c/code\u003e for now removed features.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFixed\u003c/code\u003e for any bug fixes.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSecurity\u003c/code\u003e in case of vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e4.0.0 (2024-02-07)\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bad text values in parse \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/126\"\u003e#126\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/connor4312\"\u003e\u003ccode\u003e@​connor4312\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove process global to work outside of node \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/129\"\u003e#129\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/styfle\"\u003e\u003ccode\u003e@​styfle\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sideEffects to package.json \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/128\"\u003e#128\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/frandiox\"\u003e\u003ccode\u003e@​frandiox\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoved \u003ccode\u003eos\u003c/code\u003e, make compatible browser environment. See \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/124\"\u003e#124\u003c/a\u003e, thanks to \u003ca href=\"https://github.com/gwsbhqt\"\u003e\u003ccode\u003e@​gwsbhqt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/81cba8d4b767cab3cb29d26eb4f691eed75b73b2\"\u003e\u003ccode\u003e81cba8d\u003c/code\u003e\u003c/a\u003e Publish 2.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/fc1f6b69006e9435caf8fb40d8aff378bc0b7bce\"\u003e\u003ccode\u003efc1f6b6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/eec17aee5428a7249e9ca5adbb8a0d28fa29619b\"\u003e\u003ccode\u003eeec17ae\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/78f8ca4362d9e66cadea97b93e292f10096452ed\"\u003e\u003ccode\u003e78f8ca4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/156\"\u003e#156\u003c/a\u003e from micromatch/backport-144\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/3f4f10eaa65bf3a52e8f2999674cd27e11fa3c9b\"\u003e\u003ccode\u003e3f4f10e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/144\"\u003e#144\u003c/a\u003e from Jason3S/jdent-object-properties\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `send` from 0.18.0 to 0.19.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/releases\"\u003esend's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.19.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/279\"\u003epillarjs/send#279\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 0.19.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/280\"\u003epillarjs/send#280\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.19.1...0.19.2\"\u003ehttps://github.com/pillarjs/send/compare/0.19.1...0.19.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.19.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(deps): encodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/240\"\u003epillarjs/send#240\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.19.0...0.19.1\"\u003ehttps://github.com/pillarjs/send/compare/0.19.0...0.19.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/pillarjs/send/pull/235\"\u003epillarjs/send#235\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pillarjs/send/pull/235\"\u003epillarjs/send#235\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pillarjs/send/compare/0.18.0...0.19.0\"\u003ehttps://github.com/pillarjs/send/compare/0.18.0...0.19.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pillarjs/send/blob/master/HISTORY.md\"\u003esend's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.19.2 / 2025-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: statuses@~2.0.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.19.1 / 2024-10-09\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.19.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/34ba03b7579d31c8bb6d5a3ead573da1a7a118e7\"\u003e\u003ccode\u003e34ba03b\u003c/code\u003e\u003c/a\u003e 0.19.2 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/280\"\u003e#280\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/e53e4e51b98e62955c9e302e77585a85f45a9c8b\"\u003e\u003ccode\u003ee53e4e5\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/279\"\u003e#279\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/19efaa39b98ff3ea26a90a484b9fd11efe0b37cd\"\u003e\u003ccode\u003e19efaa3\u003c/code\u003e\u003c/a\u003e 0.19.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/0a9fa80d8b49643066a6f7b5b4cb891b8e44cc05\"\u003e\u003ccode\u003e0a9fa80\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0 (\u003ca href=\"https://redirect.github.com/pillarjs/send/issues/240\"\u003e#240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/9d2db99518b366d20783fe1c08a1b9bd418929ce\"\u003e\u003ccode\u003e9d2db99\u003c/code\u003e\u003c/a\u003e 0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35\"\u003e\u003ccode\u003eae4f298\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/pillarjs/send/compare/0.18.0...0.19.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for send since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `serve-static` from 1.15.0 to 1.16.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/releases\"\u003eserve-static's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/227\"\u003eexpressjs/serve-static#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.16.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/229\"\u003eexpressjs/serve-static#229\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.2...v1.16.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eencodeurl@~2.0.0 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/180\"\u003eexpressjs/serve-static#180\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.16.1...v1.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebump send to 0.19 by \u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tommasini\"\u003e\u003ccode\u003e@​tommasini\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/176\"\u003eexpressjs/serve-static#176\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\"\u003ehttps://github.com/expressjs/serve-static/compare/1.16.0...v1.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/serve-static/pull/173\"\u003eexpressjs/serve-static#173\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\"\u003ehttps://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/serve-static/blob/master/HISTORY.md\"\u003eserve-static's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.16.3 / 2024-12-15\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@~0.19.1\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.2 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.1 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.16.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/9acad22498aa5f95b6e887eae1ab9eae63657d8a\"\u003e\u003ccode\u003e9acad22\u003c/code\u003e\u003c/a\u003e 1.16.3 (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/52dc97d9d3a0269266d005b79eeac295d0a5a895\"\u003e\u003ccode\u003e52dc97d\u003c/code\u003e\u003c/a\u003e deps: send@~0.19.1 and upgrade Node.js versions on the CI  (\u003ca href=\"https://redirect.github.com/expressjs/serve-static/issues/227\"\u003e#227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/ec9c5ecfb09368519e4698ffbbe1882de00d0ef2\"\u003e\u003ccode\u003eec9c5ec\u003c/code\u003e\u003c/a\u003e 1.16.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/f454d37c68fdad04b582cb9ac0cd165ab6d19114\"\u003e\u003ccode\u003ef454d37\u003c/code\u003e\u003c/a\u003e fix(deps): encodeurl@~2.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/77a8255688cc4affc70e6dc9aa02e3ced4957e77\"\u003e\u003ccode\u003e77a8255\u003c/code\u003e\u003c/a\u003e 1.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/4263f496876980c165a3104d087c1ebaa046ad3d\"\u003e\u003ccode\u003e4263f49\u003c/code\u003e\u003c/a\u003e fix(deps): send@0.19.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/48c73970b129b96cba448e792576ad89b1f9fbed\"\u003e\u003ccode\u003e48c7397\u003c/code\u003e\u003c/a\u003e 1.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b\"\u003e\u003ccode\u003e0c11fad\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/expressjs/serve-static/compare/v1.15.0...v1.16.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for serve-static since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sha.js` from 2.4.11 to 2.4.12\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/sha.js/blob/master/CHANGELOG.md\"\u003esha.js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/sha.js/compare/v2.4.11...v2.4.12\"\u003ev2.4.12\u003c/a\u003e - 2025-07-01\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] switch to eslint \u003ca href=\"https://github.com/browserify/sha.js/commit/7acadfbd3abb558880212b20669fcb09e1aa1c58\"\u003e\u003ccode\u003e7acadfb\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/b46e7116ebeaa82f34bbf2d7494fff7ef46eab3e\"\u003e\u003ccode\u003eb46e711\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] fix package.json indentation \u003ca href=\"https://github.com/browserify/sha.js/commit/df9d521e16ddf55dc877c43c05706d43c057fad4\"\u003e\u003ccode\u003edf9d521\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/sha.js/commit/c43c64adc6d3607d470538df72338fc02e63bc24\"\u003e\u003ccode\u003ec43c64a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] support multi-byte wide typed arrays \u003ca href=\"https://github.com/browserify/sha.js/commit/f2a258e9f2d0fcd113bfbaa49706e1ac0d979ba5\"\u003e\u003ccode\u003ef2a258e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] reorder package.json \u003ca href=\"https://github.com/browserify/sha.js/commit/d8d77c0a729c99593e304047f9d4335b498fd9ed\"\u003e\u003ccode\u003ed8d77c0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e \u003ca href=\"https://github.com/browserify/sha.js/commit/35aec35c667b606b2495be3e4186bbe977b9e087\"\u003e\u003ccode\u003e35aec35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] avoid console logs \u003ca href=\"https://github.com/browserify/sha.js/commit/73e33ae0ca6bca232627cac7473028e1d218f67e\"\u003e\u003ccode\u003e73e33ae\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] fix tests run in batch \u003ca href=\"https://github.com/browserify/sha.js/commit/262913006e94616c8cd24...\n\n_Description has been truncated_","html_url":"https://github.com/Dct555/1inch-token/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Dct555%2F1inch-token/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"}},{"old_version":"1.0.4","new_version":"1.0.7","update_type":"patch","path":null,"pr_created_at":"2026-05-27T20:31:40.000Z","version_change":"1.0.4 → 1.0.7","issue":{"uuid":"4535521614","node_id":"PR_kwDOO4ZYrM7f-4dY","number":611,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 23 directories with 19 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-06-03T20:32:51.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-27T20:31:40.000Z","updated_at":"2026-06-03T20:32:54.000Z","time_to_close":604871,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":19,"packages":[{"name":"uuid","old_version":"8.3.2","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"bn.js","old_version":"5.2.2","new_version":"5.2.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"@babel/runtime","old_version":"7.25.4","new_version":"7.26.10","repository_url":"https://github.com/babel/babel"},{"name":"tar","old_version":"7.4.3","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"@tootallnate/once","old_version":"2.0.0","new_version":"2.0.1","repository_url":"https://github.com/TooTallNate/once"},{"name":"axios","old_version":"1.7.5","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"base-x","old_version":"3.0.10","new_version":"3.0.11","repository_url":"https://github.com/cryptocoinjs/base-x"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"fast-xml-builder","old_version":"1.1.4","new_version":"1.2.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-builder"},{"name":"fast-xml-parser","old_version":"5.5.9","new_version":"5.8.0","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"flatted","old_version":"3.3.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"4.0.0","new_version":"4.0.5","repository_url":"https://github.com/form-data/form-data"},{"name":"handlebars","old_version":"4.7.8","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"lodash-es","old_version":"4.17.23","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"postcss","old_version":"8.4.41","new_version":"8.5.15","repository_url":"https://github.com/postcss/postcss"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 18 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [uuid](https://github.com/uuidjs/uuid) | `8.3.2` | `14.0.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `5.2.2` | `5.2.3` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.25.4` | `7.26.10` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.11` |\n| [@tootallnate/once](https://github.com/TooTallNate/once) | `2.0.0` | `2.0.1` |\n| [axios](https://github.com/axios/axios) | `1.7.5` | `1.16.1` |\n| [base-x](https://github.com/cryptocoinjs/base-x) | `3.0.10` | `3.0.11` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [fast-xml-builder](https://github.com/NaturalIntelligence/fast-xml-builder) | `1.1.4` | `1.2.0` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.5.9` | `5.8.0` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.1` | `3.4.2` |\n| [form-data](https://github.com/form-data/form-data) | `4.0.0` | `4.0.5` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.8` | `4.7.9` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [lodash-es](https://github.com/lodash/lodash) | `4.17.23` | `4.18.1` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [postcss](https://github.com/postcss/postcss) | `8.4.41` | `8.5.15` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/accounts-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/analytics-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/assets-controllers directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/bridge-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/bridge-status-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/core-backend directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/eip-5792-middleware directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/gas-fee-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/keyring-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/logging-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/message-manager directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/multichain-account-service directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/multichain-transactions-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/network-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/notification-services-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/perps-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/polling-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/remote-feature-flag-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/shield-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/signature-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/transaction-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/user-operation-controller directory: [uuid](https://github.com/uuidjs/uuid).\n\nUpdates `uuid` from 8.3.2 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v8.3.2...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 5.2.2 to 5.2.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/indutny/bn.js/blob/master/CHANGELOG.md\"\u003ebn.js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.3 / 2026-02-19\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ea6c072a951493ca99e5cd5f8da3851b90116271\"\u003e\u003ccode\u003eea6c072\u003c/code\u003e\u003c/a\u003e 5.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/33df26b5771e824f303a79ec6407409376baa64b\"\u003e\u003ccode\u003e33df26b\u003c/code\u003e\u003c/a\u003e fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v5.2.2...v5.2.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/runtime` from 7.25.4 to 7.26.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/runtime's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.26.10 (2025-03-11)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/jordan-choi\"\u003e\u003ccode\u003e@​jordan-choi\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/mmmsssttt404\"\u003e\u003ccode\u003e@​mmmsssttt404\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003cp\u003eThis release includes a fix for \u003ca href=\"https://github.com/babel/babel/security/advisories/GHSA-968p-4wvh-cqc8\"\u003ehttps://github.com/babel/babel/security/advisories/GHSA-968p-4wvh-cqc8\u003c/a\u003e, a security vulnerability which affects the \u003ccode\u003e.replace\u003c/code\u003e method of transpiled regular expressions that use named capturing groups.\u003c/p\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17159\"\u003e#17159\u003c/a\u003e Disallow decorator in array pattern (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e, \u003ccode\u003ebabel-template\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17164\"\u003e#17164\u003c/a\u003e Fix: always initialize ExportDeclaration attributes (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17142\"\u003e#17142\u003c/a\u003e fix: \u0026quot;Map maximum size exceeded\u0026quot; in deepClone (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-typescript\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17154\"\u003e#17154\u003c/a\u003e Update typescript parser tests (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17151\"\u003e#17151\u003c/a\u003e fix: Should not evaluate vars in child scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17153\"\u003e#17153\u003c/a\u003e fix: Correctly generate \u003ccode\u003eabstract override\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17107\"\u003e#17107\u003c/a\u003e Fix source type detection when parsing TypeScript (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-runtime\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs2\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17173\"\u003e#17173\u003c/a\u003e Fix processing of replacement pattern with named capture groups (\u003ca href=\"https://github.com/%5Bmmmsssttt404%5D(https://github.com/mmmsssttt404)\"\u003e\u003ccode\u003e@​mmmsssttt404\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17158\"\u003e#17158\u003c/a\u003e Avoid warnings when re-bundling \u003ccode\u003e@​babel/standalone\u003c/code\u003e with webpack (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17160\"\u003e#17160\u003c/a\u003e Left-value parsing cleanup (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBabel Bot (\u003ca href=\"https://github.com/babel-bot\"\u003e\u003ccode\u003e@​babel-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eYunyoung Jordan Choi (\u003ca href=\"https://github.com/jordan-choi\"\u003e\u003ccode\u003e@​jordan-choi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mmmsssttt404\"\u003e\u003ccode\u003e@​mmmsssttt404\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.26.9 (2025-02-14)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17103\"\u003e#17103\u003c/a\u003e fix: Definition for \u003ccode\u003eTSPropertySignature.kind\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17062\"\u003e#17062\u003c/a\u003e Print TypeScript optional/definite in ClassPrivateProperty (\u003ca href=\"https://github.com/jamiebuilds-signal\"\u003e\u003ccode\u003e@​jamiebuilds-signal\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/e1ce99df422971175249509e7bbc2b327b8f7957\"\u003e\u003ccode\u003ee1ce99d\u003c/code\u003e\u003c/a\u003e v7.26.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d5952e80c0faa5ec20e35085531b6e572d31dad4\"\u003e\u003ccode\u003ed5952e8\u003c/code\u003e\u003c/a\u003e Fix processing of replacement pattern with named capture groups (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17173\"\u003e#17173\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/64bca7b5f308cd52c192a5c821a57f6d1b0475f4\"\u003e\u003ccode\u003e64bca7b\u003c/code\u003e\u003c/a\u003e v7.26.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/2d9514066e3b135835ed93246ebbcdb7ca0263ca\"\u003e\u003ccode\u003e2d95140\u003c/code\u003e\u003c/a\u003e v7.26.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/63d30381c169780460e01bdb6669c5e01af1dfbe\"\u003e\u003ccode\u003e63d3038\u003c/code\u003e\u003c/a\u003e v7.26.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/b07957ebb316a1e2fc67454fc7423508bb942e63\"\u003e\u003ccode\u003eb07957e\u003c/code\u003e\u003c/a\u003e v7.25.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/af917594e4df3decdde2ce0b1614d607b27367a5\"\u003e\u003ccode\u003eaf91759\u003c/code\u003e\u003c/a\u003e fix: Accidentally publishing useless files (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/16917\"\u003e#16917\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/2533cfb0c1d90140f320f1e03d41e20407ca30bf\"\u003e\u003ccode\u003e2533cfb\u003c/code\u003e\u003c/a\u003e v7.25.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/69d65f1aef74de135a8b262bb9770a41e97b7476\"\u003e\u003ccode\u003e69d65f1\u003c/code\u003e\u003c/a\u003e [babel 8] Require Node.js \u003ccode\u003e^18.20.0 || ^20.17.0 || \u0026gt;=22.8.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/16800\"\u003e#16800\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/2f72b978f9acc68d065e7da10c8e270d6f96b7c4\"\u003e\u003ccode\u003e2f72b97\u003c/code\u003e\u003c/a\u003e v7.25.6\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/babel/babel/commits/v7.26.10/packages/babel-runtime\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.4.3 to 7.5.11\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md\"\u003etar's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e7.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003ezstd\u003c/code\u003e compression support.\u003c/li\u003e\n\u003cli\u003eConsistent TOCTOU behavior in sync t.list\u003c/li\u003e\n\u003cli\u003eOnly read from ustar block if not specified in Pax\u003c/li\u003e\n\u003cli\u003eFix sync tar.list when file size reduces while reading\u003c/li\u003e\n\u003cli\u003eSanitize absolute linkpaths properly\u003c/li\u003e\n\u003cli\u003ePrevent writing hardlink entries to the archive ahead of their\nfile target\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eonentry\u003c/code\u003e in favor of \u003ccode\u003eonReadEntry\u003c/code\u003e for clarity.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eonWriteEntry\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDRY the command definitions into a single \u003ccode\u003emakeCommand\u003c/code\u003e method,\nand update the type signatures to more appropriately infer the\nreturn type from the options and arguments provided.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate minipass to v7.1.0\u003c/li\u003e\n\u003cli\u003eUpdate the type definitions of \u003ccode\u003ewrite()\u003c/code\u003e and \u003ccode\u003eend()\u003c/code\u003e methods on\n\u003ccode\u003eUnpack\u003c/code\u003e and \u003ccode\u003eParser\u003c/code\u003e classes to be compatible with the\nNodeJS.WritableStream type in the latest versions of\n\u003ccode\u003e@types/node\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node \u0026lt;18\u003c/li\u003e\n\u003cli\u003eRewrite in TypeScript, provide ESM and CommonJS hybrid\ninterface\u003c/li\u003e\n\u003cli\u003eAdd tree-shake friendly exports, like \u003ccode\u003eimport('tar/create')\u003c/code\u003e\nand \u003ccode\u003eimport('tar/read-entry')\u003c/code\u003e to get individual functions or\nclasses.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003echmod\u003c/code\u003e option that defaults to false, and deprecate\n\u003ccode\u003enoChmod\u003c/code\u003e. That is, reverse the default option regarding\nexplicitly setting file system modes to match tar entry\nsettings.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eprocessUmask\u003c/code\u003e option to avoid having to call\n\u003ccode\u003eprocess.umask()\u003c/code\u003e when \u003ccode\u003echmod: true\u003c/code\u003e (or \u003ccode\u003enoChmod: false\u003c/code\u003e) is\nset.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2b72abc1d47c3570e1ad95c9ab557fc4c2e6e4b1\"\u003e\u003ccode\u003e2b72abc\u003c/code\u003e\u003c/a\u003e 7.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f\"\u003e\u003ccode\u003e7bc755d\u003c/code\u003e\u003c/a\u003e parse root off paths before sanitizing .. parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/c8cb84629dee649feedde03f2f4ea48f2e44e778\"\u003e\u003ccode\u003ec8cb846\u003c/code\u003e\u003c/a\u003e update deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/1f0c2c9006b10199cf2686f8ef43e79a1773e1aa\"\u003e\u003ccode\u003e1f0c2c9\u003c/code\u003e\u003c/a\u003e 7.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/fbb08518bf290733b68ca4d4135f75becf73fd75\"\u003e\u003ccode\u003efbb0851\u003c/code\u003e\u003c/a\u003e build minified version as default export\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/6b8eba0ef367ac937e703238daa6df94ae6f823f\"\u003e\u003ccode\u003e6b8eba0\u003c/code\u003e\u003c/a\u003e 7.5.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2cb1120bcefe28d7ecc719b41441ade59c52e384\"\u003e\u003ccode\u003e2cb1120\u003c/code\u003e\u003c/a\u003e fix(unpack): improve UnpackSync symlink error \u0026quot;into\u0026quot; path accuracy\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.4.3...v7.5.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tootallnate/once` from 2.0.0 to 2.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TooTallNate/once/releases\"\u003e@​tootallnate/once's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea1e5e2d: Fix promise hang when AbortSignal is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TooTallNate/once/blob/v2.0.1/CHANGELOG.md\"\u003e@​tootallnate/once's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.0.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ea1e5e2d: Fix promise hang when AbortSignal is aborted\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/bcbb21d387e5fb2d0bf8ec2fd8d0ac97d4553241\"\u003e\u003ccode\u003ebcbb21d\u003c/code\u003e\u003c/a\u003e ci: fix OIDC publishing — Node 24, npm latest, provenance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/dc24387be8e3405f1e7c911caf76c87b72a0e145\"\u003e\u003ccode\u003edc24387\u003c/code\u003e\u003c/a\u003e Version Packages (2.x) (\u003ca href=\"https://redirect.github.com/TooTallNate/once/issues/12\"\u003e#12\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/b8a6f80afcfd2482b4bdb1e29d784340a05e0ce3\"\u003e\u003ccode\u003eb8a6f80\u003c/code\u003e\u003c/a\u003e CI: test all Node versions on Linux only\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/dabcc0fb6202663cd83994f0a21ea1c710395327\"\u003e\u003ccode\u003edabcc0f\u003c/code\u003e\u003c/a\u003e ci: drop EOL Node.js 14.x/16.x, add 22.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/b464efcf4238d92590245b4d211d2fc05a94d28a\"\u003e\u003ccode\u003eb464efc\u003c/code\u003e\u003c/a\u003e Update CI: modern Node versions, fix macOS ARM64 compat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TooTallNate/once/commit/a1e5e2d784bcd1c65e49fac1524c6c94fe81f871\"\u003e\u003ccode\u003ea1e5e2d\u003c/code\u003e\u003c/a\u003e Fix promise hang when AbortSignal is aborted\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/TooTallNate/once/compare/2.0.0...v2.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​tootallnate/once\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.7.5 to 1.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1337d6b537afb2d3f501074c8ac4ef4308221197\"\u003e\u003ccode\u003e1337d6b\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10877\"\u003e#10877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/858a790cec06054547d0d3f941916d6fb2a4d18e\"\u003e\u003ccode\u003e858a790\u003c/code\u003e\u003c/a\u003e fix: remove all caches (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/34adfd90efc9c145488399e1cf7fa96de67080fa\"\u003e\u003ccode\u003e34adfd9\u003c/code\u003e\u003c/a\u003e revert: \u0026quot;fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/847d89b43654405d9a231e0b669832c2092b621f\"\u003e\u003ccode\u003e847d89b\u003c/code\u003e\u003c/a\u003e fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/40948863677bb793bfff0293cce7e7b4f8a1b212\"\u003e\u003ccode\u003e4094886\u003c/code\u003e\u003c/a\u003e fix(progress): guard malformed XHR upload events (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44f0c5bf73c45df6009365141faa394d73596bd7\"\u003e\u003ccode\u003e44f0c5b\u003c/code\u003e\u003c/a\u003e chore: change sponsorship link and add Twicsy advertisement (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/64e1095efedc64c9fecf5176bd9cf2e5e93140d6\"\u003e\u003ccode\u003e64e1095\u003c/code\u003e\u003c/a\u003e chore: update PR and issue template to use h2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10865\"\u003e#10865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3e6b4e1f311b43aa1dc77d78150a601d9fe4b280\"\u003e\u003ccode\u003e3e6b4e1\u003c/code\u003e\u003c/a\u003e fix: error unexpected token in fetch JS compatibility issue with Webpack 4 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c4453bab70f53575175903aee60810c821f72129\"\u003e\u003ccode\u003ec4453ba\u003c/code\u003e\u003c/a\u003e fix: add the ability to add additional sponsors to the process sponsors scrip...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/caa00a90b524bb67ed033474abcf4d8645ced793\"\u003e\u003ccode\u003ecaa00a9\u003c/code\u003e\u003c/a\u003e fix: https data in cleartext to proxy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.7.5...v1.16.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `base-x` from 3.0.10 to 3.0.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/043a888a9bae09bc4b40500e37792e2c6398e9f2\"\u003e\u003ccode\u003e043a888\u003c/code\u003e\u003c/a\u003e 3.0.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/2705dddd2565b455641985974b534291d8defb31\"\u003e\u003ccode\u003e2705ddd\u003c/code\u003e\u003c/a\u003e [backport 3.x] Prohibit char codes that would overflow the \u003ccode\u003eBASE_MAP\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cryptocoinjs/base-x/compare/v3.0.10...v3.0.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-builder` from 1.1.4 to 1.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/blob/main/CHANGELOG.md\"\u003efast-xml-builder's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003cstrong\u003e1.2.0\u003c/strong\u003e (2026-05-08)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003esanitizeName\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eSupport xml-naming for validating and sanitizing tag and attribute names\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.9\u003c/strong\u003e (2026-05-06)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: format output for preserve order when indent by is set to empty string\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.8\u003c/strong\u003e (2026-05-05)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: skip text property for PI tags\u003c/li\u003e\n\u003cli\u003eimprove typings\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.7\u003c/strong\u003e (2026--05-04)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix security issues when attribute value contains quotes\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.6\u003c/strong\u003e (2026--05-04)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix security issues related to comment\u003c/li\u003e\n\u003cli\u003eskip comment with null value\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.5\u003c/strong\u003e (2026-04-17)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix security issues related to comment and cdata\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.4\u003c/strong\u003e (2026-03-16)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esupport maxNestedTags option\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.3\u003c/strong\u003e (2026-03-13)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003edeclare Matcher \u0026amp; Expression as unknown so user is not forced to install path-expression-matcher\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.2\u003c/strong\u003e (2026-03-11)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix typings\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.1\u003c/strong\u003e (2026-03-11)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade path-expression-matcher to 1.1.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.1.0\u003c/strong\u003e (2026-03-10)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntegrate \u003ca href=\"https://github.com/NaturalIntelligence/path-expression-matcher\"\u003epath-expression-matcher\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/a9a905b316176ef9a97bdf5450e60efbf0341f25\"\u003e\u003ccode\u003ea9a905b\u003c/code\u003e\u003c/a\u003e for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/42680e8d730c48082268823fd285e10127ddba21\"\u003e\u003ccode\u003e42680e8\u003c/code\u003e\u003c/a\u003e support name sanitization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/8b00185bf6be67981ffc40e06c18acbbbe908779\"\u003e\u003ccode\u003e8b00185\u003c/code\u003e\u003c/a\u003e release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/8a08f173d7b9c9a82599fe7de279ca7e12c3ad6b\"\u003e\u003ccode\u003e8a08f17\u003c/code\u003e\u003c/a\u003e allow indentation to be empty string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/7fc5decb9613afbd5d03747b1a0f11e0916e34ef\"\u003e\u003ccode\u003e7fc5dec\u003c/code\u003e\u003c/a\u003e update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/c241b6a8ed1863e5f518490ec1fcc38b13f2c370\"\u003e\u003ccode\u003ec241b6a\u003c/code\u003e\u003c/a\u003e improve documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/15d5668b53777400c8d80b6e21029c1a70888c78\"\u003e\u003ccode\u003e15d5668\u003c/code\u003e\u003c/a\u003e update for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/98774853a696a1aee4dca830dd3eee2759676bd2\"\u003e\u003ccode\u003e9877485\u003c/code\u003e\u003c/a\u003e fix: skip text property for PI tags\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/311a2213a817cf31558bea7c0e0807b0d4441814\"\u003e\u003ccode\u003e311a221\u003c/code\u003e\u003c/a\u003e fix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-builder/issues/5\"\u003e#5\u003c/a\u003e typing import issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/commit/e8fc5b15d9d54b559781961f066de82a55aabcdd\"\u003e\u003ccode\u003ee8fc5b1\u003c/code\u003e\u003c/a\u003e update for releast\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-builder/compare/v1.1.4...v1.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 5.5.9 to 5.8.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eupdate strnum, FXB. Use xml-naming for DOCTYPE\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eintegrate xml-naming to validate DOCTYPE entity name and notation name (using qname because of backward compatibility)\n\u003cul\u003e\n\u003cli\u003eThis will consider xml-version as well. '1.0' is default\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eupdate strnum to 2.3.0\n\u003cul\u003e\n\u003cli\u003eYou can set octal and binary parsing which is by deault off\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eupdate fast-xml-builder to 1.2.0\n\u003cul\u003e\n\u003cli\u003ecan sanitize tag names if found invalid\u003c/li\u003e\n\u003cli\u003efix format output\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003efix minor old bugs and update builder\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: alwaysCreateTextNode should create text node when attributes are present for self closing node\u003c/li\u003e\n\u003cli\u003efix stop node expression when ns prefix is removed (found by \u003ca href=\"https://github.com/iruizsalinas\"\u003eiruizsalinas\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate XML Builder to 1.1.7\u003c/li\u003e\n\u003cli\u003emark addEntity deprecated\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ebackward compatibility for numerical external entity, fix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/705\"\u003e#705\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/817\"\u003e#817\u003c/a\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eallow numerical external entity for backward compatibility\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/705\"\u003e#705\u003c/a\u003e: attributesGroupName working with preserveOrder\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/817\"\u003e#817\u003c/a\u003e: stackoverflow when tag expression is very long\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eupgrade \u003ccode\u003e@​nodable/entities\u003c/code\u003e and FXB\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse \u003ccode\u003e@nodable/entities\u003c/code\u003e v2.1.0\n\u003cul\u003e\n\u003cli\u003ebreaking changes\n\u003cul\u003e\n\u003cli\u003esingle entity scan. You're not allowed to use entity value to form another entity name.\u003c/li\u003e\n\u003cli\u003eyou cant add numeric external entity\u003c/li\u003e\n\u003cli\u003eentity error message when expantion limit is crossed might change\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003etypings are updated for new options related to process entity\u003c/li\u003e\n\u003cli\u003eplease follow documentation of \u003ccode\u003e@nodable/entities\u003c/code\u003e for more detail.\u003c/li\u003e\n\u003cli\u003eperformance\n\u003cul\u003e\n\u003cli\u003eif processEntities is false, then there should not be impact on performance.\u003c/li\u003e\n\u003cli\u003eif processEntities is true, but you dont pass entity decoder separately then performance may degrade by approx 8-10%\u003c/li\u003e\n\u003cli\u003eif processEntities is true, and you pass entity decoder separately\n\u003cul\u003e\n\u003cli\u003eif no entity then performance should be same as before\u003c/li\u003e\n\u003cli\u003eif there are entities then performance should be increased from past versions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eignoreAttributes is not required to be set to set xml version for NCR entity value\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eupdate 'fast-xml-builder' to sanitize malicious CDATA and comment's content\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003euse \u003ccode\u003e@​nodable/entities\u003c/code\u003e to replace entities\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo API change\u003c/li\u003e\n\u003cli\u003eNo change in performance for basic usage\u003c/li\u003e\n\u003cli\u003eNo typing change\u003c/li\u003e\n\u003cli\u003eNo config change\u003c/li\u003e\n\u003cli\u003enew dependency\u003c/li\u003e\n\u003cli\u003ebreaking: error messages for entities might have been changed.\u003c/li\u003e\n\u003cli\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.12...v5.6.0\"\u003ehttps://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.12...v5.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eperformance improvment, increase entity expansion default limit\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eincrease default entity explansion limit as many projects demand for that\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre\u003e\u003ccode\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003efast-xml-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003eNote: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003cp\u003eNote: Due to some last quick changes on v4, detail of v4.5.3 \u0026amp; v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion\u003c/p\u003e\n\u003cp\u003e*\u003cem\u003e5.8.0 / 2026-05-12\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eintegrate xml-naming to validate DOCTYPE entity name and notation name (using qname becaue of backward compatibility)\n\u003cul\u003e\n\u003cli\u003eThis will consider xml-version as well. '1.0' is default\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eupdate strnum to 2.3.0\n\u003cul\u003e\n\u003cli\u003eYou can set octal and binary parsing which is bydeault off\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eupdate fast-xml-builder to 1.2.0\n\u003cul\u003e\n\u003cli\u003ecan sanitize tag names if found invalid\u003c/li\u003e\n\u003cli\u003efix format output\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.3 / 2006-05-05\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: alwaysCreateTextNode should create text node when attributes are present for self closing node\u003c/li\u003e\n\u003cli\u003efix stop node expression when ns prefix is removed (found by \u003ca href=\"https://github.com/iruizsalinas\"\u003eiruizsalinas\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate XML Builder to 1.1.7\u003c/li\u003e\n\u003cli\u003emark addEntity deprecated\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.2 / 2026-04-25\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eallow numerical external entity for backward compatibility\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/705\"\u003e#705\u003c/a\u003e: attributesGroupName working with preserveOrder\u003c/li\u003e\n\u003cli\u003efix \u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/817\"\u003e#817\u003c/a\u003e: stackoverflow when tag expression is very long\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.1 / 2026-04-20\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix typo in CJS typing file\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.7.0 / 2026-04-17\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse \u003ccode\u003e@nodable/entities\u003c/code\u003e v2.1.0\n\u003cul\u003e\n\u003cli\u003ebreaking changes\n\u003cul\u003e\n\u003cli\u003esingle entity scan. You're not allowed to user entity value to form another entity name.\u003c/li\u003e\n\u003cli\u003eyou cant add numeric external entity\u003c/li\u003e\n\u003cli\u003eentity error message when expantion limit is crossed might change\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003etypings are updated for new options related to process entity\u003c/li\u003e\n\u003cli\u003eplease follow documentation of \u003ccode\u003e@nodable/entities\u003c/code\u003e for more detail.\u003c/li\u003e\n\u003cli\u003eperformance\n\u003cul\u003e\n\u003cli\u003eif processEntities is false, then there should not be impact on performance.\u003c/li\u003e\n\u003cli\u003eif processEntities is true, but you dont pass entity decoder separately then performance may degrade by approx 8-10%\u003c/li\u003e\n\u003cli\u003eif processEntities is true, and you pass entity decoder separately\n\u003cul\u003e\n\u003cli\u003eif no entity then performance should be same as before\u003c/li\u003e\n\u003cli\u003eif there are entities then performance should be increased from past versions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eignoreAttributes is not required to be set to set xml version for NCR entity value\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eupdate 'fast-xml-builder' to sanitize malicious CDATA and comment's content\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.6.0 / 2026-04-15\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix: entity replacement for numeric entities\u003c/li\u003e\n\u003cli\u003euse \u003ccode\u003e@​nodable/entities\u003c/code\u003e to replace entities\n\u003cul\u003e\n\u003cli\u003ethis may change some error messages related to entities expansion limit or inavlid use\u003c/li\u003e\n\u003cli\u003epost check would be exposed in future version\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/4bcee44a034ec99706b68b16e31f4072505b13e9\"\u003e\u003ccode\u003e4bcee44\u003c/code\u003e\u003c/a\u003e for release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/8a287bf2524f0a3a4c32be7edaedced3a9839ab8\"\u003e\u003ccode\u003e8a287bf\u003c/code\u003e\u003c/a\u003e release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/50b01dcacb8fe21f986a9e7b55800bd96401fe58\"\u003e\u003ccode\u003e50b01dc\u003c/code\u003e\u003c/a\u003e Use \u0026quot;\u003ccode\u003e@​byspec/xml\u003c/code\u003e\u0026quot; for testing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/816b652c83249edc1569c523f7bc3e13b3ef929c\"\u003e\u003ccode\u003e816b652\u003c/code\u003e\u003c/a\u003e update typings to mark validator use deprecated\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/8ad0e650bcdb05001b533f27bc01f2e873d87cc5\"\u003e\u003ccode\u003e8ad0e65\u003c/code\u003e\u003c/a\u003e update fast-xml-builder and strnum\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/58e967ed7f8208e4896b607cf5a057a5659f97c6\"\u003e\u003ccode\u003e58e967e\u003c/code\u003e\u003c/a\u003e integrate xml-naming\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/42fa3c3af8e0d59e9fe213785a1b204b39338d2b\"\u003e\u003ccode\u003e42fa3c3\u003c/code\u003e\u003c/a\u003e separate XML validator, UPDATE DOCS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/d6d80429b1d1f1420902e1cebac6fe7831ba0839\"\u003e\u003ccode\u003ed6d8042\u003c/code\u003e\u003c/a\u003e update to release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/d2633709699520c514208ea70e31adb6d71ab0e8\"\u003e\u003ccode\u003ed263370\u003c/code\u003e\u003c/a\u003e remove dev dependency 'he'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/f9c9a2c19f819ab6fe0856ef4e94d6aa28fe1eec\"\u003e\u003ccode\u003ef9c9a2c\u003c/code\u003e\u003c/a\u003e update builder to 1.1.7\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.9...v5.8.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b...\n\n_Description has been truncated_","html_url":"https://github.com/Reality2byte/core/pull/611","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Reality2byte%2Fcore/issues/611","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/611/packages"}},{"old_version":"1.0.4","new_version":"1.0.7","update_type":"patch","path":null,"pr_created_at":"2026-05-25T00:09:50.000Z","version_change":"1.0.4 → 1.0.7","issue":{"uuid":"4513395873","node_id":"PR_kwDOGn7O-c7e3L81","number":21,"state":"closed","title":"Bump the npm_and_yarn group across 16 directories with 20 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-25T03:02:50.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-25T00:09:50.000Z","updated_at":"2026-05-25T03:02:53.000Z","time_to_close":10380,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":20,"packages":[{"name":"express","old_version":"4.17.0","new_version":"4.22.0","repository_url":"https://github.com/expressjs/express"},{"name":"minimatch","old_version":"3.0.4","new_version":"3.1.4","repository_url":"https://github.com/isaacs/minimatch"},{"name":"tar","old_version":"4.4.10","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"devalue","old_version":"2.0.1","new_version":"5.8.1","repository_url":"https://github.com/sveltejs/devalue"},{"name":"uuid","old_version":"8.3.2","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"ws","old_version":"8.2.3","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.12.1","new_version":"7.29.4","repository_url":"https://github.com/babel/babel"},{"name":"bn.js","old_version":"4.11.9","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"flatted","old_version":"3.1.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.9.0","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"handlebars","old_version":"4.7.6","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"js-yaml","old_version":"3.13.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"jws","old_version":"3.2.2","new_version":"3.2.3","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"rollup","old_version":"2.35.1","new_version":"2.80.0","repository_url":"https://github.com/rollup/rollup"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 16 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [express](https://github.com/expressjs/express) | `4.17.0` | `4.22.0` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.4` |\n| [tar](https://github.com/isaacs/node-tar) | `4.4.10` | `7.5.11` |\n| [devalue](https://github.com/sveltejs/devalue) | `2.0.1` | `5.8.1` |\n| [uuid](https://github.com/uuidjs/uuid) | `8.3.2` | `14.0.0` |\n| [ws](https://github.com/websockets/ws) | `8.2.3` | `8.20.1` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.12.1` | `7.29.4` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.11.9` | `4.12.3` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.1.1` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.9.0` | `1.16.0` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.6` | `4.7.9` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.13.1` | `3.14.2` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [rollup](https://github.com/rollup/rollup) | `2.35.1` | `2.80.0` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n\nBumps the npm_and_yarn group with 1 update in the /examples/api-routes-apollo-server-and-client-auth directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /examples/api-routes-rate-limit directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /examples/auth-with-stytch directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/blog-with-comment directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/styled-jsx-with-csp directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/using-preact directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-aws-amplify-typescript directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-i18n-next-intl directory: [next-intl](https://github.com/amannn/next-intl).\nBumps the npm_and_yarn group with 1 update in the /examples/with-next-translate directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-nhost-auth-realtime-graphql directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-paste-typescript directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-react-intl directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-redis directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /examples/with-tesfy directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 3 updates in the /packages/next directory: [devalue](https://github.com/sveltejs/devalue), [uuid](https://github.com/uuidjs/uuid) and [ws](https://github.com/websockets/ws).\n\nUpdates `express` from 4.17.0 to 4.22.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003e\u0026quot;back\u0026quot;\u003c/code\u003e magic string in redirects by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5935\"\u003eexpressjs/express#5935\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efinalhandler@1.3.1 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5954\"\u003eexpressjs/express#5954\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): serve-static@1.16.2 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5951\"\u003eexpressjs/express#5951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgraded dependency qs to 6.13.0 to match qs in body-parser by \u003ca href=\"https://github.com/agadzinski93\"\u003e\u003ccode\u003e@​agadzinski93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5946\"\u003eexpressjs/express#5946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agadzinski93\"\u003e\u003ccode\u003e@​agadzinski93\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5946\"\u003eexpressjs/express#5946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/4.22.0/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eWill be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.19.2 / 2024-03-25\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/3a5edfaff06f1a2c7079b08d0635108b371eddfd\"\u003e\u003ccode\u003e3a5edfa\u003c/code\u003e\u003c/a\u003e fix(ci): updated github actions ci workflow (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6323\"\u003e#6323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/52d978119a7af27667cce5d99ac0739dc269d818\"\u003e\u003ccode\u003e52d9781\u003c/code\u003e\u003c/a\u003e fix(test): add test for method routes without paths \u003ca href=\"https://redirect.github.com/expressjs/express/issues/5955\"\u003e#5955\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.17.0...4.22.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.0.4 to 3.1.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9c31b2d4e0af72a6c2d2d62c5dbc2247da669802\"\u003e\u003ccode\u003e9c31b2d\u003c/code\u003e\u003c/a\u003e update test expectations for coalesced consecutive stars\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/46fe687857cf02f6cf45469cc593b97e11b10c96\"\u003e\u003ccode\u003e46fe687\u003c/code\u003e\u003c/a\u003e coalesce consecutive non-globstar * characters\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/5a9ccbda64befc5d94b965534dbea2853c92aebd\"\u003e\u003ccode\u003e5a9ccbd\u003c/code\u003e\u003c/a\u003e [meta] update publishConfig.tag to legacy-v3\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 4.4.10 to 7.5.11\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-tar/releases\"\u003etar's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.13\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-tar/compare/v6.1.12...v6.1.13\"\u003e6.1.13\u003c/a\u003e (2022-12-07)\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-tar/commit/cc4e0ddfe523a0bce383846a67442c637a65d486\"\u003e\u003ccode\u003ecc4e0dd\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-tar/pull/343\"\u003e#343\u003c/a\u003e bump minipass from 3.3.6 to 4.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.12\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-tar/compare/v6.1.11...v6.1.12\"\u003e6.1.12\u003c/a\u003e (2022-10-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-tar/commit/57493ee66ece50d62114e02914282fc37be3a91a\"\u003e\u003ccode\u003e57493ee\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-tar/pull/332\"\u003e#332\u003c/a\u003e ensuring close event is emited after stream has ended (\u003ca href=\"https://github.com/webark\"\u003e\u003ccode\u003e@​webark\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-tar/commit/b003c64f624332e24e19b30dc011069bb6708680\"\u003e\u003ccode\u003eb003c64\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-tar/pull/314\"\u003e#314\u003c/a\u003e replace deprecated String.prototype.substr() (\u003ca href=\"https://redirect.github.com/isaacs/node-tar/issues/314\"\u003e#314\u003c/a\u003e) (\u003ca href=\"https://github.com/CommanderRoot\"\u003e\u003ccode\u003e@​CommanderRoot\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukekarrys\"\u003e\u003ccode\u003e@​lukekarrys\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-tar/commit/f12992932f171ea248b27fad95e7d489a56d31ed\"\u003e\u003ccode\u003ef129929\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-tar/pull/313\"\u003e#313\u003c/a\u003e remove dead link to benchmarks (\u003ca href=\"https://redirect.github.com/isaacs/node-tar/issues/313\"\u003e#313\u003c/a\u003e) (\u003ca href=\"https://github.com/yetzt\"\u003e\u003ccode\u003e@​yetzt\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-tar/commit/c1faa9f44001dfb0bc7638b2850eb6058bd56a4a\"\u003e\u003ccode\u003ec1faa9f\u003c/code\u003e\u003c/a\u003e add examples/explanation of using tar.t (\u003ca href=\"https://github.com/isaacs\"\u003e\u003ccode\u003e@​isaacs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md\"\u003etar's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e7.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003ezstd\u003c/code\u003e compression support.\u003c/li\u003e\n\u003cli\u003eConsistent TOCTOU behavior in sync t.list\u003c/li\u003e\n\u003cli\u003eOnly read from ustar block if not specified in Pax\u003c/li\u003e\n\u003cli\u003eFix sync tar.list when file size reduces while reading\u003c/li\u003e\n\u003cli\u003eSanitize absolute linkpaths properly\u003c/li\u003e\n\u003cli\u003ePrevent writing hardlink entries to the archive ahead of their\nfile target\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eonentry\u003c/code\u003e in favor of \u003ccode\u003eonReadEntry\u003c/code\u003e for clarity.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eonWriteEntry\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDRY the command definitions into a single \u003ccode\u003emakeCommand\u003c/code\u003e method,\nand update the type signatures to more appropriately infer the\nreturn type from the options and arguments provided.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate minipass to v7.1.0\u003c/li\u003e\n\u003cli\u003eUpdate the type definitions of \u003ccode\u003ewrite()\u003c/code\u003e and \u003ccode\u003eend()\u003c/code\u003e methods on\n\u003ccode\u003eUnpack\u003c/code\u003e and \u003ccode\u003eParser\u003c/code\u003e classes to be compatible with the\nNodeJS.WritableStream type in the latest versions of\n\u003ccode\u003e@types/node\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node \u0026lt;18\u003c/li\u003e\n\u003cli\u003eRewrite in TypeScript, provide ESM and CommonJS hybrid\ninterface\u003c/li\u003e\n\u003cli\u003eAdd tree-shake friendly exports, like \u003ccode\u003eimport('tar/create')\u003c/code\u003e\nand \u003ccode\u003eimport('tar/read-entry')\u003c/code\u003e to get individual functions or\nclasses.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003echmod\u003c/code\u003e option that defaults to false, and deprecate\n\u003ccode\u003enoChmod\u003c/code\u003e. That is, reverse the default option regarding\nexplicitly setting file system modes to match tar entry\nsettings.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eprocessUmask\u003c/code\u003e option to avoid having to call\n\u003ccode\u003eprocess.umask()\u003c/code\u003e when \u003ccode\u003echmod: true\u003c/code\u003e (or \u003ccode\u003enoChmod: false\u003c/code\u003e) is\nset.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2b72abc1d47c3570e1ad95c9ab557fc4c2e6e4b1\"\u003e\u003ccode\u003e2b72abc\u003c/code\u003e\u003c/a\u003e 7.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f\"\u003e\u003ccode\u003e7bc755d\u003c/code\u003e\u003c/a\u003e parse root off paths before sanitizing .. parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/c8cb84629dee649feedde03f2f4ea48f2e44e778\"\u003e\u003ccode\u003ec8cb846\u003c/code\u003e\u003c/a\u003e update deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/1f0c2c9006b10199cf2686f8ef43e79a1773e1aa\"\u003e\u003ccode\u003e1f0c2c9\u003c/code\u003e\u003c/a\u003e 7.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/fbb08518bf290733b68ca4d4135f75becf73fd75\"\u003e\u003ccode\u003efbb0851\u003c/code\u003e\u003c/a\u003e build minified version as default export\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/6b8eba0ef367ac937e703238daa6df94ae6f823f\"\u003e\u003ccode\u003e6b8eba0\u003c/code\u003e\u003c/a\u003e 7.5.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2cb1120bcefe28d7ecc719b41441ade59c52e384\"\u003e\u003ccode\u003e2cb1120\u003c/code\u003e\u003c/a\u003e fix(unpack): improve UnpackSync symlink error \u0026quot;into\u0026quot; path accuracy\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v4.4.10...v7.5.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `devalue` from 2.0.1 to 5.8.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/releases\"\u003edevalue's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0f04d4d: fix: Properly handle \u003ccode\u003e__proto__\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e819f1ac: fix: better encoding for sparse arrays\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/blob/main/CHANGELOG.md\"\u003edevalue's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0f04d4d: fix: Properly handle \u003ccode\u003e__proto__\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e819f1ac: fix: better encoding for sparse arrays\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/796ea83a76eb7e0f2af376f9c2c875f1d057f50f\"\u003e\u003ccode\u003e796ea83\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/152\"\u003e#152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/206ca6712fbc380a4571c59de9ab04b91110792d\"\u003e\u003ccode\u003e206ca67\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/14933f78ff6b712829162628682b0a1993e75d19\"\u003e\u003ccode\u003e14933f7\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/151\"\u003e#151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/c5115b0074ec298fb4077f6cee5616cefbd13902\"\u003e\u003ccode\u003ec5115b0\u003c/code\u003e\u003c/a\u003e feat: \u003ccode\u003estringifyAsync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/150\"\u003e#150\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/67dad450b5db18ea9aa3059d334d8b0ee6704d9e\"\u003e\u003ccode\u003e67dad45\u003c/code\u003e\u003c/a\u003e docs: update README to reflect serialization stability non-goal (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/147\"\u003e#147\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/6eb920a7db6fe388f24f640d0e4e874a57f148fb\"\u003e\u003ccode\u003e6eb920a\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/8becc7c436f0d4f85e2e5b32cb49dcfdf4fdec42\"\u003e\u003ccode\u003e8becc7c\u003c/code\u003e\u003c/a\u003e fix: handle regexes consistently in uneval's value and reference formats (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/2eee2e435ea0ea3d495dc7a266486df95a4eb6ed\"\u003e\u003ccode\u003e2eee2e4\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/498656e75d36dfc63a386240722bdeac63337b25\"\u003e\u003ccode\u003e498656e\u003c/code\u003e\u003c/a\u003e DataView support (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/5590634db53ed555d3ce2e2024924b30352a6afc\"\u003e\u003ccode\u003e5590634\u003c/code\u003e\u003c/a\u003e Improve platform types support (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sveltejs/devalue/compare/v2.0.1...v5.8.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for devalue since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 8.3.2 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v8.3.2...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.2.3 to 8.20.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an uninitialized memory disclosure issue in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\n(c0327ec1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding a \u003ccode\u003eTypedArray\u003c/code\u003e (e.g. \u003ccode\u003eFloat32Array\u003c/code\u003e) as the \u003ccode\u003ereason\u003c/code\u003e argument for\n\u003ccode\u003ewebsocket.close()\u003c/code\u003e, rather than the supported string or \u003ccode\u003eBuffer\u003c/code\u003e types, caused\nuninitialized memory to be disclosed to the remote peer.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { deepStrictEqual } from 'node:assert';\r\nimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer(\n{ port: 0, skipUTF8Validation: true },\nfunction () {\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e, {\nskipUTF8Validation: true\n});\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ews.on('close', function (code, reason) {\r\n  deepStrictEqual(reason, Buffer.alloc(80));\r\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e}\n);\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.close(1000, new Float32Array(20));\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe issue was privately reported by \u003ca href=\"https://github.com/ChALkeR\"\u003eNikita Skovoroda\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e8.20.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded exports for the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and utilities for the\n\u003ccode\u003eSec-WebSocket-Extensions\u003c/code\u003e and \u003ccode\u003eSec-WebSocket-Protocol\u003c/code\u003e headers (d3503c1f).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.19.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecloseTimeout\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2308\"\u003e#2308\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eHandled a forthcoming breaking change in Node.js core (19984854).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/843925544e2f4cffe445e0179947f56d6c5b608f\"\u003e\u003ccode\u003e8439255\u003c/code\u003e\u003c/a\u003e [dist] 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d3503c1fd36a310985108f62b343bae18346ab67\"\u003e\u003ccode\u003ed3503c1\u003c/code\u003e\u003c/a\u003e [minor] Export the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and header utils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/3ee5349a0b1580f6e1f347b59ec3371011bd8481\"\u003e\u003ccode\u003e3ee5349\u003c/code\u003e\u003c/a\u003e [api] Convert the \u003ccode\u003eisServer\u003c/code\u003e and \u003ccode\u003emaxPayload\u003c/code\u003e parameters to options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/91707b470ebd803aaa3fd1e896217740f39267d4\"\u003e\u003ccode\u003e91707b4\u003c/code\u003e\u003c/a\u003e [doc] Add missing space\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8b553192268810a83253e2a4a39ac16768e75bb3\"\u003e\u003ccode\u003e8b55319\u003c/code\u003e\u003c/a\u003e [pkg] Update eslint to version 10.0.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.2.3...8.20.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.12.1 to 7.29.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17782\"\u003e#17782\u003c/a\u003e Improve trailing comma comment handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:memo: Documentation\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17847\"\u003e#17847\u003c/a\u003e Replace npmjs.com links with npmx.dev (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-import-to-platform-api\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-modules\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17818\"\u003e#17818\u003c/a\u003e Load async Wasm and JSON imports in parallel (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 4\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBabel Bot (\u003ca href=\"https://github.com/babel-bot\"\u003e\u003ccode\u003e@​babel-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cd24cc07ef6558b7f6510f9177f6393c91b0549f\"\u003e\u003ccode\u003ecd24cc0\u003c/code\u003e\u003c/a\u003e chore: Update TS 5.7 (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17053\"\u003e#17053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.4/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.11.9 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c4098bac2470418f8e0f6bf11fe0cb676a2b9047\"\u003e\u003ccode\u003ec4098ba\u003c/code\u003e\u003c/a\u003e 4.12.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6277fd705e51edae1c404c65f03ba2e512706945\"\u003e\u003ccode\u003e6277fd7\u003c/code\u003e\u003c/a\u003e backport(4.x): Fix imuln/muln with zero (backport of \u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ac0d4afaae91701815b9edc19789e44e7690d688\"\u003e\u003ccode\u003eac0d4af\u003c/code\u003e\u003c/a\u003e 4.12.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/a5f14b43ec61bc7cafc6de2e7444913b9f581b00\"\u003e\u003ccode\u003ea5f14b4\u003c/code\u003e\u003c/a\u003e Fix serious issue in \u003ccode\u003e.toString(16)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/309\"\u003e#309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/0cd2661b9d08512263c940662586042ef8aaccc6\"\u003e\u003ccode\u003e0cd2661\u003c/code\u003e\u003c/a\u003e Remove package-lock.json added by npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/84ae31344a557abb78ddabe3bac923b7503e4fb5\"\u003e\u003ccode\u003e84ae313\u003c/code\u003e\u003c/a\u003e 4.12.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/967ed0a50a9400bbbd83b450550cf37f7fa178b9\"\u003e\u003ccode\u003e967ed0a\u003c/code\u003e\u003c/a\u003e fix: Buffer not using global in browser (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/260\"\u003e#260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/61962320d7907a1a4d03a665782cb2733160c907\"\u003e\u003ccode\u003e6196232\u003c/code\u003e\u003c/a\u003e Fix LE constructor for HEX (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.11.9...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.1.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.1.1...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.9.0 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.9.0...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.7.6 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md\"\u003ehandlebars's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9 - March 26th, 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8 - July 27th, 2023\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1...\n\n_Description has been truncated_","html_url":"https://github.com/jcstein/next.js/pull/21","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/jcstein%2Fnext.js/issues/21","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/21/packages"}},{"old_version":"1.0.4","new_version":"1.0.7","update_type":"patch","path":null,"pr_created_at":"2026-05-24T11:01:14.000Z","version_change":"1.0.4 → 1.0.7","issue":{"uuid":"4511317616","node_id":"PR_kwDOOEg8ic7ew9uL","number":25,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 11 directories with 16 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-24T11:02:38.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-24T11:01:14.000Z","updated_at":"2026-05-24T11:02:40.000Z","time_to_close":84,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":16,"packages":[{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"uuid","old_version":"8.3.2","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"bn.js","old_version":"5.2.1","new_version":"5.2.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"@babel/runtime","old_version":"7.25.4","new_version":"7.26.10","repository_url":"https://github.com/babel/babel"},{"name":"tar","old_version":"7.4.3","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"axios","old_version":"1.7.5","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"base-x","old_version":"3.0.10","new_version":"3.0.11","repository_url":"https://github.com/cryptocoinjs/base-x"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"fast-xml-parser","old_version":"4.4.1","new_version":"4.5.6","repository_url":"https://github.com/NaturalIntelligence/fast-xml-parser"},{"name":"flatted","old_version":"3.3.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"minimatch","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"pbkdf2","old_version":"3.1.2","new_version":"3.1.5","repository_url":"https://github.com/browserify/pbkdf2"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 15 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [uuid](https://github.com/uuidjs/uuid) | `8.3.2` | `14.0.0` |\n| [bn.js](https://github.com/indutny/bn.js) | `5.2.1` | `5.2.3` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.25.4` | `7.26.10` |\n| [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.11` |\n| [axios](https://github.com/axios/axios) | `1.7.5` | `1.16.1` |\n| [base-x](https://github.com/cryptocoinjs/base-x) | `3.0.10` | `3.0.11` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `4.4.1` | `4.5.6` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.1` | `3.4.2` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |\n| [pbkdf2](https://github.com/browserify/pbkdf2) | `3.1.2` | `3.1.5` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n\nBumps the npm_and_yarn group with 1 update in the /packages/accounts-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/assets-controllers directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/eth-json-rpc-provider directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/gas-fee-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/keyring-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/logging-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/message-manager directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/polling-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/signature-controller directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 1 update in the /packages/transaction-controller directory: [uuid](https://github.com/uuidjs/uuid).\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 8.3.2 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v8.3.2...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 5.2.1 to 5.2.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/indutny/bn.js/blob/master/CHANGELOG.md\"\u003ebn.js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.3 / 2026-02-19\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.2.2 / 2025-04-25\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: imuln/muln with zero (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ea6c072a951493ca99e5cd5f8da3851b90116271\"\u003e\u003ccode\u003eea6c072\u003c/code\u003e\u003c/a\u003e 5.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/33df26b5771e824f303a79ec6407409376baa64b\"\u003e\u003ccode\u003e33df26b\u003c/code\u003e\u003c/a\u003e fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6db7c3818569423b94ebcf2bdff90fcfb9c47f6d\"\u003e\u003ccode\u003e6db7c38\u003c/code\u003e\u003c/a\u003e 5.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c7e1a532566c83fd0297ff7669c227b824928bf4\"\u003e\u003ccode\u003ec7e1a53\u003c/code\u003e\u003c/a\u003e Fix imuln/muln with zero (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/4cc0bfa5195d54876a6b807827e582522c813019\"\u003e\u003ccode\u003e4cc0bfa\u003c/code\u003e\u003c/a\u003e docs: mention the max plain JS number argument value (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/307\"\u003e#307\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/5df40f81ea8afb835b909bb7c21e0833cdeb6a30\"\u003e\u003ccode\u003e5df40f8\u003c/code\u003e\u003c/a\u003e Document \u003ccode\u003elength\u003c/code\u003e unit in \u003ccode\u003etoBuffer(...)\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/299\"\u003e#299\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/indutny/bn.js/compare/v5.2.1...v5.2.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/runtime` from 7.25.4 to 7.26.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/runtime's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.26.10 (2025-03-11)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/jordan-choi\"\u003e\u003ccode\u003e@​jordan-choi\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/mmmsssttt404\"\u003e\u003ccode\u003e@​mmmsssttt404\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003cp\u003eThis release includes a fix for \u003ca href=\"https://github.com/babel/babel/security/advisories/GHSA-968p-4wvh-cqc8\"\u003ehttps://github.com/babel/babel/security/advisories/GHSA-968p-4wvh-cqc8\u003c/a\u003e, a security vulnerability which affects the \u003ccode\u003e.replace\u003c/code\u003e method of transpiled regular expressions that use named capturing groups.\u003c/p\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17159\"\u003e#17159\u003c/a\u003e Disallow decorator in array pattern (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e, \u003ccode\u003ebabel-template\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17164\"\u003e#17164\u003c/a\u003e Fix: always initialize ExportDeclaration attributes (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17142\"\u003e#17142\u003c/a\u003e fix: \u0026quot;Map maximum size exceeded\u0026quot; in deepClone (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-typescript\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17154\"\u003e#17154\u003c/a\u003e Update typescript parser tests (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17151\"\u003e#17151\u003c/a\u003e fix: Should not evaluate vars in child scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17153\"\u003e#17153\u003c/a\u003e fix: Correctly generate \u003ccode\u003eabstract override\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17107\"\u003e#17107\u003c/a\u003e Fix source type detection when parsing TypeScript (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-runtime\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs2\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17173\"\u003e#17173\u003c/a\u003e Fix processing of replacement pattern with named capture groups (\u003ca href=\"https://github.com/%5Bmmmsssttt404%5D(https://github.com/mmmsssttt404)\"\u003e\u003ccode\u003e@​mmmsssttt404\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17158\"\u003e#17158\u003c/a\u003e Avoid warnings when re-bundling \u003ccode\u003e@​babel/standalone\u003c/code\u003e with webpack (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17160\"\u003e#17160\u003c/a\u003e Left-value parsing cleanup (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBabel Bot (\u003ca href=\"https://github.com/babel-bot\"\u003e\u003ccode\u003e@​babel-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eYunyoung Jordan Choi (\u003ca href=\"https://github.com/jordan-choi\"\u003e\u003ccode\u003e@​jordan-choi\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mmmsssttt404\"\u003e\u003ccode\u003e@​mmmsssttt404\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.26.9 (2025-02-14)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17103\"\u003e#17103\u003c/a\u003e fix: Definition for \u003ccode\u003eTSPropertySignature.kind\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17062\"\u003e#17062\u003c/a\u003e Print TypeScript optional/definite in ClassPrivateProperty (\u003ca href=\"https://github.com/jamiebuilds-signal\"\u003e\u003ccode\u003e@​jamiebuilds-signal\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/e1ce99df422971175249509e7bbc2b327b8f7957\"\u003e\u003ccode\u003ee1ce99d\u003c/code\u003e\u003c/a\u003e v7.26.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d5952e80c0faa5ec20e35085531b6e572d31dad4\"\u003e\u003ccode\u003ed5952e8\u003c/code\u003e\u003c/a\u003e Fix processing of replacement pattern with named capture groups (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17173\"\u003e#17173\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/64bca7b5f308cd52c192a5c821a57f6d1b0475f4\"\u003e\u003ccode\u003e64bca7b\u003c/code\u003e\u003c/a\u003e v7.26.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/2d9514066e3b135835ed93246ebbcdb7ca0263ca\"\u003e\u003ccode\u003e2d95140\u003c/code\u003e\u003c/a\u003e v7.26.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/63d30381c169780460e01bdb6669c5e01af1dfbe\"\u003e\u003ccode\u003e63d3038\u003c/code\u003e\u003c/a\u003e v7.26.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/b07957ebb316a1e2fc67454fc7423508bb942e63\"\u003e\u003ccode\u003eb07957e\u003c/code\u003e\u003c/a\u003e v7.25.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/af917594e4df3decdde2ce0b1614d607b27367a5\"\u003e\u003ccode\u003eaf91759\u003c/code\u003e\u003c/a\u003e fix: Accidentally publishing useless files (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/16917\"\u003e#16917\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/2533cfb0c1d90140f320f1e03d41e20407ca30bf\"\u003e\u003ccode\u003e2533cfb\u003c/code\u003e\u003c/a\u003e v7.25.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/69d65f1aef74de135a8b262bb9770a41e97b7476\"\u003e\u003ccode\u003e69d65f1\u003c/code\u003e\u003c/a\u003e [babel 8] Require Node.js \u003ccode\u003e^18.20.0 || ^20.17.0 || \u0026gt;=22.8.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/16800\"\u003e#16800\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/2f72b978f9acc68d065e7da10c8e270d6f96b7c4\"\u003e\u003ccode\u003e2f72b97\u003c/code\u003e\u003c/a\u003e v7.25.6\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/babel/babel/commits/v7.26.10/packages/babel-runtime\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 7.4.3 to 7.5.11\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md\"\u003etar's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e7.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003ezstd\u003c/code\u003e compression support.\u003c/li\u003e\n\u003cli\u003eConsistent TOCTOU behavior in sync t.list\u003c/li\u003e\n\u003cli\u003eOnly read from ustar block if not specified in Pax\u003c/li\u003e\n\u003cli\u003eFix sync tar.list when file size reduces while reading\u003c/li\u003e\n\u003cli\u003eSanitize absolute linkpaths properly\u003c/li\u003e\n\u003cli\u003ePrevent writing hardlink entries to the archive ahead of their\nfile target\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eonentry\u003c/code\u003e in favor of \u003ccode\u003eonReadEntry\u003c/code\u003e for clarity.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eonWriteEntry\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDRY the command definitions into a single \u003ccode\u003emakeCommand\u003c/code\u003e method,\nand update the type signatures to more appropriately infer the\nreturn type from the options and arguments provided.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate minipass to v7.1.0\u003c/li\u003e\n\u003cli\u003eUpdate the type definitions of \u003ccode\u003ewrite()\u003c/code\u003e and \u003ccode\u003eend()\u003c/code\u003e methods on\n\u003ccode\u003eUnpack\u003c/code\u003e and \u003ccode\u003eParser\u003c/code\u003e classes to be compatible with the\nNodeJS.WritableStream type in the latest versions of\n\u003ccode\u003e@types/node\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node \u0026lt;18\u003c/li\u003e\n\u003cli\u003eRewrite in TypeScript, provide ESM and CommonJS hybrid\ninterface\u003c/li\u003e\n\u003cli\u003eAdd tree-shake friendly exports, like \u003ccode\u003eimport('tar/create')\u003c/code\u003e\nand \u003ccode\u003eimport('tar/read-entry')\u003c/code\u003e to get individual functions or\nclasses.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003echmod\u003c/code\u003e option that defaults to false, and deprecate\n\u003ccode\u003enoChmod\u003c/code\u003e. That is, reverse the default option regarding\nexplicitly setting file system modes to match tar entry\nsettings.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eprocessUmask\u003c/code\u003e option to avoid having to call\n\u003ccode\u003eprocess.umask()\u003c/code\u003e when \u003ccode\u003echmod: true\u003c/code\u003e (or \u003ccode\u003enoChmod: false\u003c/code\u003e) is\nset.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2b72abc1d47c3570e1ad95c9ab557fc4c2e6e4b1\"\u003e\u003ccode\u003e2b72abc\u003c/code\u003e\u003c/a\u003e 7.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f\"\u003e\u003ccode\u003e7bc755d\u003c/code\u003e\u003c/a\u003e parse root off paths before sanitizing .. parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/c8cb84629dee649feedde03f2f4ea48f2e44e778\"\u003e\u003ccode\u003ec8cb846\u003c/code\u003e\u003c/a\u003e update deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/1f0c2c9006b10199cf2686f8ef43e79a1773e1aa\"\u003e\u003ccode\u003e1f0c2c9\u003c/code\u003e\u003c/a\u003e 7.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/fbb08518bf290733b68ca4d4135f75becf73fd75\"\u003e\u003ccode\u003efbb0851\u003c/code\u003e\u003c/a\u003e build minified version as default export\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/6b8eba0ef367ac937e703238daa6df94ae6f823f\"\u003e\u003ccode\u003e6b8eba0\u003c/code\u003e\u003c/a\u003e 7.5.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2cb1120bcefe28d7ecc719b41441ade59c52e384\"\u003e\u003ccode\u003e2cb1120\u003c/code\u003e\u003c/a\u003e fix(unpack): improve UnpackSync symlink error \u0026quot;into\u0026quot; path accuracy\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v7.4.3...v7.5.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.7.5 to 1.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1337d6b537afb2d3f501074c8ac4ef4308221197\"\u003e\u003ccode\u003e1337d6b\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10877\"\u003e#10877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/858a790cec06054547d0d3f941916d6fb2a4d18e\"\u003e\u003ccode\u003e858a790\u003c/code\u003e\u003c/a\u003e fix: remove all caches (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/34adfd90efc9c145488399e1cf7fa96de67080fa\"\u003e\u003ccode\u003e34adfd9\u003c/code\u003e\u003c/a\u003e revert: \u0026quot;fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/847d89b43654405d9a231e0b669832c2092b621f\"\u003e\u003ccode\u003e847d89b\u003c/code\u003e\u003c/a\u003e fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/40948863677bb793bfff0293cce7e7b4f8a1b212\"\u003e\u003ccode\u003e4094886\u003c/code\u003e\u003c/a\u003e fix(progress): guard malformed XHR upload events (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44f0c5bf73c45df6009365141faa394d73596bd7\"\u003e\u003ccode\u003e44f0c5b\u003c/code\u003e\u003c/a\u003e chore: change sponsorship link and add Twicsy advertisement (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/64e1095efedc64c9fecf5176bd9cf2e5e93140d6\"\u003e\u003ccode\u003e64e1095\u003c/code\u003e\u003c/a\u003e chore: update PR and issue template to use h2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10865\"\u003e#10865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3e6b4e1f311b43aa1dc77d78150a601d9fe4b280\"\u003e\u003ccode\u003e3e6b4e1\u003c/code\u003e\u003c/a\u003e fix: error unexpected token in fetch JS compatibility issue with Webpack 4 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c4453bab70f53575175903aee60810c821f72129\"\u003e\u003ccode\u003ec4453ba\u003c/code\u003e\u003c/a\u003e fix: add the ability to add additional sponsors to the process sponsors scrip...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/caa00a90b524bb67ed033474abcf4d8645ced793\"\u003e\u003ccode\u003ecaa00a9\u003c/code\u003e\u003c/a\u003e fix: https data in cleartext to proxy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v1.7.5...v1.16.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `base-x` from 3.0.10 to 3.0.11\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/043a888a9bae09bc4b40500e37792e2c6398e9f2\"\u003e\u003ccode\u003e043a888\u003c/code\u003e\u003c/a\u003e 3.0.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cryptocoinjs/base-x/commit/2705dddd2565b455641985974b534291d8defb31\"\u003e\u003ccode\u003e2705ddd\u003c/code\u003e\u003c/a\u003e [backport 3.x] Prohibit char codes that would overflow the \u003ccode\u003eBASE_MAP\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cryptocoinjs/base-x/compare/v3.0.10...v3.0.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-xml-parser` from 4.4.1 to 4.5.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/releases\"\u003efast-xml-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSummary update on all the previous releases from v4.2.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMultiple minor fixes provided in the validator and parser\u003c/li\u003e\n\u003cli\u003ev6 is added for experimental use.\u003c/li\u003e\n\u003cli\u003eignoreAttributes support function, and array of string or regex\u003c/li\u003e\n\u003cli\u003eAdd support for parsing HTML numeric entities\u003c/li\u003e\n\u003cli\u003ev5 of the application is ESM module now. However, JS is also supported\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNote\u003c/strong\u003e: Release section in not updated frequently. Please check \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md\"\u003eCHANGELOG\u003c/a\u003e or \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/tags\"\u003eTags\u003c/a\u003e for latest release information.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/42fbb0bc95e753e03fe52cb0805a8774bba4bf28\"\u003e\u003ccode\u003e42fbb0b\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/805671cb6c19108b171b876cf3e8865f18cdb8fd\"\u003e\u003ccode\u003e805671c\u003c/code\u003e\u003c/a\u003e increase expansion limit as many system need it\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/9a2cf097c2961d4ad878f618e39fb0a9f5a0e9e5\"\u003e\u003ccode\u003e9a2cf09\u003c/code\u003e\u003c/a\u003e update version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/88d0936a23dabe51bfbf42255e2ce912dfee2221\"\u003e\u003ccode\u003e88d0936\u003c/code\u003e\u003c/a\u003e apply all fixes from v5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/d4eb6b4713a8d11e6730943392419040898ecbc0\"\u003e\u003ccode\u003ed4eb6b4\u003c/code\u003e\u003c/a\u003e update release version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/b1b9f633ff30cb4708337355c2789f08bc0558d2\"\u003e\u003ccode\u003eb1b9f63\u003c/code\u003e\u003c/a\u003e update release info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/faccca126e1db96b90084adda6fbe2ea2ed434e7\"\u003e\u003ccode\u003efaccca1\u003c/code\u003e\u003c/a\u003e sync with v5.3.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/ab00cdc49c681b44effbe95d6ee4392616a74aaa\"\u003e\u003ccode\u003eab00cdc\u003c/code\u003e\u003c/a\u003e update package bundle for minor fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/57c61876b47be10616ba47da904c8add26efcb58\"\u003e\u003ccode\u003e57c6187\u003c/code\u003e\u003c/a\u003e Update ReadMe\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/commit/caeda37ebd919c799bf06ccf2f80d1e90e99d474\"\u003e\u003ccode\u003ecaeda37\u003c/code\u003e\u003c/a\u003e fix: emit full JSON string from CLI when no output filename specified (\u003ca href=\"https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/710\"\u003e#710\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/NaturalIntelligence/fast-xml-parser/compare/v4.4.1...v4.5.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.1...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.15.6 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.15.6...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `form-data` from 3.0.1 to 3.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/releases\"\u003eform-data's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.2\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003enpmignore temporary build files (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/532\"\u003e#532\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emove util.isArray to Array.isArray (\u003ca href=\"https://redirect.github.com/form-data/form-data/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTests\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emigrate from travis to GHA\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/form-data/form-data/blob/master/CHANGELOG.md\"\u003eform-data's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/form-data/form-data/compare/v3.0.3...v3.0.4\"\u003ev3.0.4\u003c/a\u003e - 2025-07-16\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eappend\u003c/code\u003e: avoid a crash on nullish values \u003ca href=\"https://redirect.github.com/form-data/form-data/issues/577\"\u003e\u003ccode\u003e[#577](https://github.com/form-data/form-data/issues/577)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[eslint] update linting config \u003ca href=\"https://github.com/form-data/form-data/commit/f5e7eb024bc3fc7e2074ff80f143a4f4cbc1dbda\"\u003e\u003ccode\u003ef5e7eb0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/form-data/form-data/commit/d2eb290a3e47ed5bcad7020d027daa15b3cf5ef5\"\u003e\u003ccode\u003ed2eb290\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle predict-v8-randomness failures in node \u0026lt; 17 and node \u0026gt; 23 \u003ca href=\"https://github.com/form-data/form-data/commit/e8c574cb07ff3a0de2ecc0912d783ef22e190c...\n\n_Description has been truncated_","html_url":"https://github.com/Web3Auth/core/pull/25","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Web3Auth%2Fcore/issues/25","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/25/packages"}},{"old_version":"1.0.4","new_version":"1.0.7","update_type":"patch","path":null,"pr_created_at":"2026-05-24T10:42:32.000Z","version_change":"1.0.4 → 1.0.7","issue":{"uuid":"4511268663","node_id":"PR_kwDOGn7O-c7ewz4S","number":19,"state":"closed","title":"Bump the npm_and_yarn group across 13 directories with 20 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-24T23:53:28.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-24T10:42:32.000Z","updated_at":"2026-05-24T23:53:30.000Z","time_to_close":47456,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":20,"packages":[{"name":"express","old_version":"4.17.0","new_version":"4.22.0","repository_url":"https://github.com/expressjs/express"},{"name":"minimatch","old_version":"3.0.4","new_version":"3.1.4","repository_url":"https://github.com/isaacs/minimatch"},{"name":"tar","old_version":"4.4.10","new_version":"7.5.11","repository_url":"https://github.com/isaacs/node-tar"},{"name":"devalue","old_version":"2.0.1","new_version":"5.8.1","repository_url":"https://github.com/sveltejs/devalue"},{"name":"uuid","old_version":"8.3.2","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"ws","old_version":"8.2.3","new_version":"8.20.1","repository_url":"https://github.com/websockets/ws"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.12.1","new_version":"7.29.4","repository_url":"https://github.com/babel/babel"},{"name":"bn.js","old_version":"4.11.9","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"flatted","old_version":"3.1.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.9.0","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"handlebars","old_version":"4.7.6","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"js-yaml","old_version":"3.13.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"jws","old_version":"3.2.2","new_version":"3.2.3","repository_url":"https://github.com/brianloveswords/node-jws"},{"name":"rollup","old_version":"2.35.1","new_version":"2.80.0","repository_url":"https://github.com/rollup/rollup"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 16 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [express](https://github.com/expressjs/express) | `4.17.0` | `4.22.0` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.4` |\n| [tar](https://github.com/isaacs/node-tar) | `4.4.10` | `7.5.11` |\n| [devalue](https://github.com/sveltejs/devalue) | `2.0.1` | `5.8.1` |\n| [uuid](https://github.com/uuidjs/uuid) | `8.3.2` | `14.0.0` |\n| [ws](https://github.com/websockets/ws) | `8.2.3` | `8.20.1` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.12.1` | `7.29.4` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.11.9` | `4.12.3` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.1.1` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.9.0` | `1.16.0` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.6` | `4.7.9` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.13.1` | `3.14.2` |\n| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |\n| [rollup](https://github.com/rollup/rollup) | `2.35.1` | `2.80.0` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n\nBumps the npm_and_yarn group with 1 update in the /examples/auth-with-stytch directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/blog-with-comment directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/styled-jsx-with-csp directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/using-preact directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-aws-amplify-typescript directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-i18n-next-intl directory: [next-intl](https://github.com/amannn/next-intl).\nBumps the npm_and_yarn group with 1 update in the /examples/with-next-translate directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-nhost-auth-realtime-graphql directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-paste-typescript directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-react-intl directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /examples/with-redis directory: [uuid](https://github.com/uuidjs/uuid).\nBumps the npm_and_yarn group with 3 updates in the /packages/next directory: [devalue](https://github.com/sveltejs/devalue), [uuid](https://github.com/uuidjs/uuid) and [ws](https://github.com/websockets/ws).\n\nUpdates `express` from 4.17.0 to 4.22.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd funding field (v4) by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6065\"\u003eexpressjs/express#6065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11 by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5956\"\u003eexpressjs/express#5956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump path-to-regexp@0.1.12 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6209\"\u003eexpressjs/express#6209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.2 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6094\"\u003eexpressjs/express#6094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.1...4.21.2\"\u003ehttps://github.com/expressjs/express/compare/4.21.1...4.21.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport a fix for CVE-2024-47764 to the 4.x branch by \u003ca href=\"https://github.com/joshbuker\"\u003e\u003ccode\u003e@​joshbuker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6029\"\u003eexpressjs/express#6029\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.21.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6031\"\u003eexpressjs/express#6031\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.0...4.21.1\"\u003ehttps://github.com/expressjs/express/compare/4.21.0...4.21.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003e\u0026quot;back\u0026quot;\u003c/code\u003e magic string in redirects by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5935\"\u003eexpressjs/express#5935\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efinalhandler@1.3.1 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5954\"\u003eexpressjs/express#5954\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): serve-static@1.16.2 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5951\"\u003eexpressjs/express#5951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgraded dependency qs to 6.13.0 to match qs in body-parser by \u003ca href=\"https://github.com/agadzinski93\"\u003e\u003ccode\u003e@​agadzinski93\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5946\"\u003eexpressjs/express#5946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agadzinski93\"\u003e\u003ccode\u003e@​agadzinski93\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5946\"\u003eexpressjs/express#5946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/4.22.0/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eRemove link renderization in html while using \u003ccode\u003eres.redirect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.10\n\u003cul\u003e\n\u003cli\u003eAdds support for named matching groups in the routes using a regex\u003c/li\u003e\n\u003cli\u003eAdds backtracking protection to parameters without regexes defined\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: encodeurl@~2.0.0\n\u003cul\u003e\n\u003cli\u003eRemoves encoding of \u003ccode\u003e\\\u003c/code\u003e, \u003ccode\u003e|\u003c/code\u003e, and \u003ccode\u003e^\u003c/code\u003e to align better with URL spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDeprecate passing \u003ccode\u003eoptions.maxAge\u003c/code\u003e and \u003ccode\u003eoptions.expires\u003c/code\u003e to \u003ccode\u003eres.clearCookie\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eWill be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.19.2 / 2024-03-25\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6a23d34d652b9e69a4486d2a2a0dea54b9685fa5\"\u003e\u003ccode\u003e6a23d34\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6919\"\u003e#6919\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8c12cdf93b89a4628b59179e3cc0722fc517d6b3\"\u003e\u003ccode\u003e8c12cdf\u003c/code\u003e\u003c/a\u003e deps: qs@6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6909\"\u003e#6909\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/7fea74fcf02764580f38f2a7f1932dfa54cddd90\"\u003e\u003ccode\u003e7fea74f\u003c/code\u003e\u003c/a\u003e deps: use tilde notation for certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6905\"\u003e#6905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/dac7a0475a99e9dfc57b3b8e6d5bdf52813f1944\"\u003e\u003ccode\u003edac7a04\u003c/code\u003e\u003c/a\u003e chore: wider range for query test skip (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6513\"\u003e#6513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/997919b48879bbd53171c3b4e5dd1b04ad139241\"\u003e\u003ccode\u003e997919b\u003c/code\u003e\u003c/a\u003e ci: add node.js 24 to test matrix (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6506\"\u003e#6506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/36fb59c6c7d9dfca0b08dfeafb5b6e4a249234a1\"\u003e\u003ccode\u003e36fb59c\u003c/code\u003e\u003c/a\u003e fix(ci): reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6336\"\u003e#6336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/3a5edfaff06f1a2c7079b08d0635108b371eddfd\"\u003e\u003ccode\u003e3a5edfa\u003c/code\u003e\u003c/a\u003e fix(ci): updated github actions ci workflow (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6323\"\u003e#6323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/52d978119a7af27667cce5d99ac0739dc269d818\"\u003e\u003ccode\u003e52d9781\u003c/code\u003e\u003c/a\u003e fix(test): add test for method routes without paths \u003ca href=\"https://redirect.github.com/expressjs/express/issues/5955\"\u003e#5955\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.17.0...4.22.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.0.4 to 3.1.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1a2e084af579731af66c221214e3ca8222c9bf23\"\u003e\u003ccode\u003e1a2e084\u003c/code\u003e\u003c/a\u003e 3.1.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/ae24656237c3d58067442f790ce17eff84463a47\"\u003e\u003ccode\u003eae24656\u003c/code\u003e\u003c/a\u003e update lockfile\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/b1003749228b2a79e1f237963a0d559ef7a0941e\"\u003e\u003ccode\u003eb100374\u003c/code\u003e\u003c/a\u003e limit recursion for **, improve perf considerably\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/26ffeaa091b9f660833e23f42e07165b33e85c13\"\u003e\u003ccode\u003e26ffeaa\u003c/code\u003e\u003c/a\u003e lockfile update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9eca892a4e5dbb20534f9f30483b85cdeee6c2eb\"\u003e\u003ccode\u003e9eca892\u003c/code\u003e\u003c/a\u003e lock node version to 14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/00c323b188b704e5d4bc534ecec2268cfa70a32a\"\u003e\u003ccode\u003e00c323b\u003c/code\u003e\u003c/a\u003e 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/30486b2048929264f44d18822891cfffa02af78b\"\u003e\u003ccode\u003e30486b2\u003c/code\u003e\u003c/a\u003e update CI matrix and actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/9c31b2d4e0af72a6c2d2d62c5dbc2247da669802\"\u003e\u003ccode\u003e9c31b2d\u003c/code\u003e\u003c/a\u003e update test expectations for coalesced consecutive stars\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/46fe687857cf02f6cf45469cc593b97e11b10c96\"\u003e\u003ccode\u003e46fe687\u003c/code\u003e\u003c/a\u003e coalesce consecutive non-globstar * characters\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/5a9ccbda64befc5d94b965534dbea2853c92aebd\"\u003e\u003ccode\u003e5a9ccbd\u003c/code\u003e\u003c/a\u003e [meta] update publishConfig.tag to legacy-v3\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tar` from 4.4.10 to 7.5.11\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-tar/releases\"\u003etar's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.13\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-tar/compare/v6.1.12...v6.1.13\"\u003e6.1.13\u003c/a\u003e (2022-12-07)\u003c/h2\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-tar/commit/cc4e0ddfe523a0bce383846a67442c637a65d486\"\u003e\u003ccode\u003ecc4e0dd\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-tar/pull/343\"\u003e#343\u003c/a\u003e bump minipass from 3.3.6 to 4.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.1.12\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/npm/node-tar/compare/v6.1.11...v6.1.12\"\u003e6.1.12\u003c/a\u003e (2022-10-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-tar/commit/57493ee66ece50d62114e02914282fc37be3a91a\"\u003e\u003ccode\u003e57493ee\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-tar/pull/332\"\u003e#332\u003c/a\u003e ensuring close event is emited after stream has ended (\u003ca href=\"https://github.com/webark\"\u003e\u003ccode\u003e@​webark\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-tar/commit/b003c64f624332e24e19b30dc011069bb6708680\"\u003e\u003ccode\u003eb003c64\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-tar/pull/314\"\u003e#314\u003c/a\u003e replace deprecated String.prototype.substr() (\u003ca href=\"https://redirect.github.com/isaacs/node-tar/issues/314\"\u003e#314\u003c/a\u003e) (\u003ca href=\"https://github.com/CommanderRoot\"\u003e\u003ccode\u003e@​CommanderRoot\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/lukekarrys\"\u003e\u003ccode\u003e@​lukekarrys\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-tar/commit/f12992932f171ea248b27fad95e7d489a56d31ed\"\u003e\u003ccode\u003ef129929\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://redirect.github.com/npm/node-tar/pull/313\"\u003e#313\u003c/a\u003e remove dead link to benchmarks (\u003ca href=\"https://redirect.github.com/isaacs/node-tar/issues/313\"\u003e#313\u003c/a\u003e) (\u003ca href=\"https://github.com/yetzt\"\u003e\u003ccode\u003e@​yetzt\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/npm/node-tar/commit/c1faa9f44001dfb0bc7638b2850eb6058bd56a4a\"\u003e\u003ccode\u003ec1faa9f\u003c/code\u003e\u003c/a\u003e add examples/explanation of using tar.t (\u003ca href=\"https://github.com/isaacs\"\u003e\u003ccode\u003e@​isaacs\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md\"\u003etar's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e7.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003ezstd\u003c/code\u003e compression support.\u003c/li\u003e\n\u003cli\u003eConsistent TOCTOU behavior in sync t.list\u003c/li\u003e\n\u003cli\u003eOnly read from ustar block if not specified in Pax\u003c/li\u003e\n\u003cli\u003eFix sync tar.list when file size reduces while reading\u003c/li\u003e\n\u003cli\u003eSanitize absolute linkpaths properly\u003c/li\u003e\n\u003cli\u003ePrevent writing hardlink entries to the archive ahead of their\nfile target\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eonentry\u003c/code\u003e in favor of \u003ccode\u003eonReadEntry\u003c/code\u003e for clarity.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eonWriteEntry\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDRY the command definitions into a single \u003ccode\u003emakeCommand\u003c/code\u003e method,\nand update the type signatures to more appropriately infer the\nreturn type from the options and arguments provided.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate minipass to v7.1.0\u003c/li\u003e\n\u003cli\u003eUpdate the type definitions of \u003ccode\u003ewrite()\u003c/code\u003e and \u003ccode\u003eend()\u003c/code\u003e methods on\n\u003ccode\u003eUnpack\u003c/code\u003e and \u003ccode\u003eParser\u003c/code\u003e classes to be compatible with the\nNodeJS.WritableStream type in the latest versions of\n\u003ccode\u003e@types/node\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node \u0026lt;18\u003c/li\u003e\n\u003cli\u003eRewrite in TypeScript, provide ESM and CommonJS hybrid\ninterface\u003c/li\u003e\n\u003cli\u003eAdd tree-shake friendly exports, like \u003ccode\u003eimport('tar/create')\u003c/code\u003e\nand \u003ccode\u003eimport('tar/read-entry')\u003c/code\u003e to get individual functions or\nclasses.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003echmod\u003c/code\u003e option that defaults to false, and deprecate\n\u003ccode\u003enoChmod\u003c/code\u003e. That is, reverse the default option regarding\nexplicitly setting file system modes to match tar entry\nsettings.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eprocessUmask\u003c/code\u003e option to avoid having to call\n\u003ccode\u003eprocess.umask()\u003c/code\u003e when \u003ccode\u003echmod: true\u003c/code\u003e (or \u003ccode\u003enoChmod: false\u003c/code\u003e) is\nset.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/bf776f673164215074b62749e0fe80e5834588f4\"\u003e\u003ccode\u003ebf776f6\u003c/code\u003e\u003c/a\u003e 7.5.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/f48b5fa3b7985ddab96dc0f2125a4ffc9911b6ad\"\u003e\u003ccode\u003ef48b5fa\u003c/code\u003e\u003c/a\u003e prevent escaping symlinks with drive-relative paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/97cff15d3539a37a4095eb3d287147d9d77c2dc3\"\u003e\u003ccode\u003e97cff15\u003c/code\u003e\u003c/a\u003e docs: more security info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2b72abc1d47c3570e1ad95c9ab557fc4c2e6e4b1\"\u003e\u003ccode\u003e2b72abc\u003c/code\u003e\u003c/a\u003e 7.5.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/7bc755dd85e623c0279e08eb3784909e6d7e4b9f\"\u003e\u003ccode\u003e7bc755d\u003c/code\u003e\u003c/a\u003e parse root off paths before sanitizing .. parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/c8cb84629dee649feedde03f2f4ea48f2e44e778\"\u003e\u003ccode\u003ec8cb846\u003c/code\u003e\u003c/a\u003e update deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/1f0c2c9006b10199cf2686f8ef43e79a1773e1aa\"\u003e\u003ccode\u003e1f0c2c9\u003c/code\u003e\u003c/a\u003e 7.5.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/fbb08518bf290733b68ca4d4135f75becf73fd75\"\u003e\u003ccode\u003efbb0851\u003c/code\u003e\u003c/a\u003e build minified version as default export\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/6b8eba0ef367ac937e703238daa6df94ae6f823f\"\u003e\u003ccode\u003e6b8eba0\u003c/code\u003e\u003c/a\u003e 7.5.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-tar/commit/2cb1120bcefe28d7ecc719b41441ade59c52e384\"\u003e\u003ccode\u003e2cb1120\u003c/code\u003e\u003c/a\u003e fix(unpack): improve UnpackSync symlink error \u0026quot;into\u0026quot; path accuracy\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-tar/compare/v4.4.10...v7.5.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~isaacs\"\u003eisaacs\u003c/a\u003e, a new releaser for tar since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `devalue` from 2.0.1 to 5.8.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/releases\"\u003edevalue's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0f04d4d: fix: Properly handle \u003ccode\u003e__proto__\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e819f1ac: fix: better encoding for sparse arrays\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/blob/main/CHANGELOG.md\"\u003edevalue's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e0f04d4d: fix: Properly handle \u003ccode\u003e__proto__\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e819f1ac: fix: better encoding for sparse arrays\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/796ea83a76eb7e0f2af376f9c2c875f1d057f50f\"\u003e\u003ccode\u003e796ea83\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/152\"\u003e#152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/206ca6712fbc380a4571c59de9ab04b91110792d\"\u003e\u003ccode\u003e206ca67\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/14933f78ff6b712829162628682b0a1993e75d19\"\u003e\u003ccode\u003e14933f7\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/151\"\u003e#151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/c5115b0074ec298fb4077f6cee5616cefbd13902\"\u003e\u003ccode\u003ec5115b0\u003c/code\u003e\u003c/a\u003e feat: \u003ccode\u003estringifyAsync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/150\"\u003e#150\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/67dad450b5db18ea9aa3059d334d8b0ee6704d9e\"\u003e\u003ccode\u003e67dad45\u003c/code\u003e\u003c/a\u003e docs: update README to reflect serialization stability non-goal (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/147\"\u003e#147\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/6eb920a7db6fe388f24f640d0e4e874a57f148fb\"\u003e\u003ccode\u003e6eb920a\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/8becc7c436f0d4f85e2e5b32cb49dcfdf4fdec42\"\u003e\u003ccode\u003e8becc7c\u003c/code\u003e\u003c/a\u003e fix: handle regexes consistently in uneval's value and reference formats (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/2eee2e435ea0ea3d495dc7a266486df95a4eb6ed\"\u003e\u003ccode\u003e2eee2e4\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/498656e75d36dfc63a386240722bdeac63337b25\"\u003e\u003ccode\u003e498656e\u003c/code\u003e\u003c/a\u003e DataView support (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/5590634db53ed555d3ce2e2024924b30352a6afc\"\u003e\u003ccode\u003e5590634\u003c/code\u003e\u003c/a\u003e Improve platform types support (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sveltejs/devalue/compare/v2.0.1...v5.8.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for devalue since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uuid` from 8.3.2 to 14.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/releases\"\u003euuid's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev14.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003edc4ddb8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eexpect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003ef2c235f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003effa3138\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.1...v13.0.2\"\u003e13.0.2\u003c/a\u003e (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ererelease to fix provenance. (\u003ca href=\"https://github.com/uuidjs/uuid/commit/49ccb35f78c0c4ce1409dd2f1d89f83caadba10b\"\u003e49ccb35\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v13.0.1\"\u003e13.0.1\u003c/a\u003e (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebackport fix for GHSA-w5hq-g745-h8pq (\u003ca href=\"https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a\"\u003e9d27ddf\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v12.0.1\"\u003e12.0.1\u003c/a\u003e (2026-04-29)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md\"\u003euuid's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0\"\u003e14.0.0\u003c/a\u003e (2026-04-19)\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq\"\u003eGHSA-w5hq-g745-h8pq\u003c/a\u003e: \u003ccode\u003ev3()\u003c/code\u003e, \u003ccode\u003ev5()\u003c/code\u003e, and \u003ccode\u003ev6()\u003c/code\u003e did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid \u003ccode\u003eoffset\u003c/code\u003e was provided. A \u003ccode\u003eRangeError\u003c/code\u003e is now thrown if \u003ccode\u003eoffset \u0026lt; 0\u003c/code\u003e or \u003ccode\u003eoffset + 16 \u0026gt; buf.length\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecrypto\u003c/code\u003e is now expected to be globally defined (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0\"\u003e13.0.0\u003c/a\u003e (2025-09-08)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emake browser exports the default (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/901\"\u003e#901\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a\"\u003ebce9d72\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0\"\u003e12.0.0\u003c/a\u003e (2025-09-05)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd node@24 to ci matrix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/879\"\u003e#879\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92\"\u003e42b6178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edrop node@16 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/883\"\u003e#883\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530\"\u003e0f38cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eremove CommonJS support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/886\"\u003e#886\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f\"\u003eae786e2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate to typescript@5.2 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/887\"\u003e#887\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01\"\u003ec7ee405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove v4() performance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197\"\u003e5fd974c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore node: prefix (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507\"\u003ee1f42a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/uuidjs/uuid/compare/v11.0.5...v11.1.0\"\u003e11.1.0\u003c/a\u003e (2025-02-19)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b\"\u003e\u003ccode\u003e7c1ea08\u003c/code\u003e\u003c/a\u003e chore(main): release 14.0.0 (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34\"\u003e\u003ccode\u003e3d2c5b0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4\"\u003e\u003ccode\u003ef2c235f\u003c/code\u003e\u003c/a\u003e fix!: expect \u003ccode\u003ecrypto\u003c/code\u003e to be global everywhere (requires node@20+) (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/935\"\u003e#935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212\"\u003e\u003ccode\u003e529ef08\u003c/code\u003e\u003c/a\u003e chore: upgrade TypeScript and fixup types (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087\"\u003e\u003ccode\u003e086fd79\u003c/code\u003e\u003c/a\u003e chore: update dependencies (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/933\"\u003e#933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3\"\u003e\u003ccode\u003edc4ddb8\u003c/code\u003e\u003c/a\u003e feat!: drop node@18 support (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/934\"\u003e#934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404\"\u003e\u003ccode\u003e0f1f9c9\u003c/code\u003e\u003c/a\u003e chore: switch to Biome for parsing and linting (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/932\"\u003e#932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013\"\u003e\u003ccode\u003ee2879e6\u003c/code\u003e\u003c/a\u003e chore: use maintained version of npm-run-all (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/930\"\u003e#930\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c\"\u003e\u003ccode\u003effa3138\u003c/code\u003e\u003c/a\u003e fix: Use GITHUB_TOKEN for release-please and enable npm provenance (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4\"\u003e\u003ccode\u003e0423d49\u003c/code\u003e\u003c/a\u003e docs: remove obsolete v1 option notes (\u003ca href=\"https://redirect.github.com/uuidjs/uuid/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/uuidjs/uuid/compare/v8.3.2...v14.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for uuid since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.2.3 to 8.20.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an uninitialized memory disclosure issue in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\n(c0327ec1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding a \u003ccode\u003eTypedArray\u003c/code\u003e (e.g. \u003ccode\u003eFloat32Array\u003c/code\u003e) as the \u003ccode\u003ereason\u003c/code\u003e argument for\n\u003ccode\u003ewebsocket.close()\u003c/code\u003e, rather than the supported string or \u003ccode\u003eBuffer\u003c/code\u003e types, caused\nuninitialized memory to be disclosed to the remote peer.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { deepStrictEqual } from 'node:assert';\r\nimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer(\n{ port: 0, skipUTF8Validation: true },\nfunction () {\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e, {\nskipUTF8Validation: true\n});\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ews.on('close', function (code, reason) {\r\n  deepStrictEqual(reason, Buffer.alloc(80));\r\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e}\n);\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.close(1000, new Float32Array(20));\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe issue was privately reported by \u003ca href=\"https://github.com/ChALkeR\"\u003eNikita Skovoroda\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e8.20.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded exports for the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and utilities for the\n\u003ccode\u003eSec-WebSocket-Extensions\u003c/code\u003e and \u003ccode\u003eSec-WebSocket-Protocol\u003c/code\u003e headers (d3503c1f).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.19.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecloseTimeout\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2308\"\u003e#2308\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eHandled a forthcoming breaking change in Node.js core (19984854).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/843925544e2f4cffe445e0179947f56d6c5b608f\"\u003e\u003ccode\u003e8439255\u003c/code\u003e\u003c/a\u003e [dist] 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d3503c1fd36a310985108f62b343bae18346ab67\"\u003e\u003ccode\u003ed3503c1\u003c/code\u003e\u003c/a\u003e [minor] Export the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and header utils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/3ee5349a0b1580f6e1f347b59ec3371011bd8481\"\u003e\u003ccode\u003e3ee5349\u003c/code\u003e\u003c/a\u003e [api] Convert the \u003ccode\u003eisServer\u003c/code\u003e and \u003ccode\u003emaxPayload\u003c/code\u003e parameters to options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/91707b470ebd803aaa3fd1e896217740f39267d4\"\u003e\u003ccode\u003e91707b4\u003c/code\u003e\u003c/a\u003e [doc] Add missing space\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8b553192268810a83253e2a4a39ac16768e75bb3\"\u003e\u003ccode\u003e8b55319\u003c/code\u003e\u003c/a\u003e [pkg] Update eslint to version 10.0.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.2.3...8.20.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.12.1 to 7.29.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17782\"\u003e#17782\u003c/a\u003e Improve trailing comma comment handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:memo: Documentation\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17847\"\u003e#17847\u003c/a\u003e Replace npmjs.com links with npmx.dev (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-import-to-platform-api\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-modules\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17818\"\u003e#17818\u003c/a\u003e Load async Wasm and JSON imports in parallel (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 4\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBabel Bot (\u003ca href=\"https://github.com/babel-bot\"\u003e\u003ccode\u003e@​babel-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cd24cc07ef6558b7f6510f9177f6393c91b0549f\"\u003e\u003ccode\u003ecd24cc0\u003c/code\u003e\u003c/a\u003e chore: Update TS 5.7 (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17053\"\u003e#17053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.4/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bn.js` from 4.11.9 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c4098bac2470418f8e0f6bf11fe0cb676a2b9047\"\u003e\u003ccode\u003ec4098ba\u003c/code\u003e\u003c/a\u003e 4.12.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6277fd705e51edae1c404c65f03ba2e512706945\"\u003e\u003ccode\u003e6277fd7\u003c/code\u003e\u003c/a\u003e backport(4.x): Fix imuln/muln with zero (backport of \u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ac0d4afaae91701815b9edc19789e44e7690d688\"\u003e\u003ccode\u003eac0d4af\u003c/code\u003e\u003c/a\u003e 4.12.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/a5f14b43ec61bc7cafc6de2e7444913b9f581b00\"\u003e\u003ccode\u003ea5f14b4\u003c/code\u003e\u003c/a\u003e Fix serious issue in \u003ccode\u003e.toString(16)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/309\"\u003e#309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/0cd2661b9d08512263c940662586042ef8aaccc6\"\u003e\u003ccode\u003e0cd2661\u003c/code\u003e\u003c/a\u003e Remove package-lock.json added by npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/84ae31344a557abb78ddabe3bac923b7503e4fb5\"\u003e\u003ccode\u003e84ae313\u003c/code\u003e\u003c/a\u003e 4.12.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/967ed0a50a9400bbbd83b450550cf37f7fa178b9\"\u003e\u003ccode\u003e967ed0a\u003c/code\u003e\u003c/a\u003e fix: Buffer not using global in browser (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/260\"\u003e#260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/61962320d7907a1a4d03a665782cb2733160c907\"\u003e\u003ccode\u003e6196232\u003c/code\u003e\u003c/a\u003e Fix LE constructor for HEX (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.11.9...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.1.1 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.1.1...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.9.0 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/21ef28a544c5e57f4c34b8476d75f2144609a1eb\"\u003e\u003ccode\u003e21ef28a\u003c/code\u003e\u003c/a\u003e Release version 1.15.11 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7c88135da3bd0681a7e156ee66b16b2f6f98b480\"\u003e\u003ccode\u003e7c88135\u003c/code\u003e\u003c/a\u003e Roll back tree shaking.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/6e389ba094beec211a8847788a146917a16c1bdb\"\u003e\u003ccode\u003e6e389ba\u003c/code\u003e\u003c/a\u003e Release version 1.15.10 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5bc496e0229abda823221e0c6267926a3f93f262\"\u003e\u003ccode\u003e5bc496e\u003c/code\u003e\u003c/a\u003e Shake me up before you go-go.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/694d6b47a42bc8377e5ef1480394de451e16bd5b\"\u003e\u003ccode\u003e694d6b4\u003c/code\u003e\u003c/a\u003e Bump minimist from 1.2.5 to 1.2.8\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.9.0...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.7.6 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md\"\u003ehandlebars's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9 - March 26th, 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8 - July 27th, 2023\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n...\n\n_Description has been truncated_","html_url":"https://github.com/jcstein/next.js/pull/19","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/jcstein%2Fnext.js/issues/19","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/19/packages"}},{"old_version":"1.0.4","new_version":"1.0.7","update_type":"patch","path":null,"pr_created_at":"2026-05-23T06:56:56.000Z","version_change":"1.0.4 → 1.0.7","issue":{"uuid":"4507214175","node_id":"PR_kwDOQOLFCs7eksHq","number":10,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 4 directories with 11 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T06:56:56.000Z","updated_at":"2026-05-23T07:13:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":11,"packages":[{"name":"browserify-sign","old_version":"4.2.1","new_version":"4.2.5","repository_url":"https://github.com/crypto-browserify/browserify-sign"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"glob","old_version":"10.3.10","new_version":"10.5.0","repository_url":"https://github.com/isaacs/node-glob"},{"name":"ip-address","old_version":"9.0.5","new_version":"10.2.0","repository_url":"https://github.com/beaugunderson/ip-address"},{"name":"playwright","old_version":"1.51.0","new_version":"1.60.0","repository_url":"https://github.com/microsoft/playwright"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 5 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.2.1` | `4.2.5` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [glob](https://github.com/isaacs/node-glob) | `10.3.10` | `10.5.0` |\n| [ip-address](https://github.com/beaugunderson/ip-address) | `9.0.5` | `10.2.0` |\n| [playwright](https://github.com/microsoft/playwright) | `1.51.0` | `1.60.0` |\n\nBumps the npm_and_yarn group with 1 update in the /playwright directory: [ws](https://github.com/websockets/ws).\nBumps the npm_and_yarn group with 2 updates in the /playwright/packages/playwright-core/bundles/utils directory: [ip-address](https://github.com/beaugunderson/ip-address) and [ws](https://github.com/websockets/ws).\nBumps the npm_and_yarn group with 1 update in the /playwright/utils/flakiness-dashboard directory: [uuid](https://github.com/uuidjs/uuid).\n\nUpdates `browserify-sign` from 4.2.1 to 4.2.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md\"\u003ebrowserify-sign's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.4...v4.2.5\"\u003ev4.2.5\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] clean up tests and convert console info skips to tape skips \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37b083c602fb6fcd99e0856cba8859dc6f073f3c\"\u003e\u003ccode\u003e37b083c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] restore node 0.10 support \u003ca href=\"https://github.com/browserify/browserify-sign/commit/faade86fe051fc0fb1b59e3694a566116e1e79a7\"\u003e\u003ccode\u003efaade86\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5a0f159e1d32b5c1088a75dceb301afaf40446f9\"\u003e\u003ccode\u003e5a0f159\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] drop unsupported nodes from CI \u003ca href=\"https://github.com/browserify/browserify-sign/commit/106be97da87f296f187c44b9ee857384153b5068\"\u003e\u003ccode\u003e106be97\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.3...v4.2.4\"\u003ev4.2.4\u003c/a\u003e - 2025-09-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[actions] split out node 10-20, and 20+ \u003ca href=\"https://github.com/browserify/browserify-sign/commit/17920d944f04efee7ae2212e4339485ba306b723\"\u003e\u003ccode\u003e17920d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove \u003ccode\u003efiles\u003c/code\u003e field \u003ca href=\"https://github.com/browserify/browserify-sign/commit/6d5b280e0496201ba022874c864b0046a74eb45e\"\u003e\u003ccode\u003e6d5b280\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ebn.js\u003c/code\u003e, \u003ccode\u003ebrowserify-rsa\u003c/code\u003e, \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/31be0c2459e1aad5158f72576c057603bf8527b6\"\u003e\u003ccode\u003e31be0c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003esemver\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5f6698211aa1d6dddaba8c245f40f63ae28924a3\"\u003e\u003ccode\u003e5f66982\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] replace \u003ccode\u003eaud\u003c/code\u003e with \u003ccode\u003enpm audit\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d44b24d8691d699ccc76780b106fe9c1bf0d1558\"\u003e\u003ccode\u003ed44b24d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/browserify-sign/commit/ab975f4845ea5c931df037e7f0df60f045335ae7\"\u003e\u003ccode\u003eab975f4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] revert 9e2bf12, now that v3.1.1 is out \u003ca href=\"https://github.com/browserify/browserify-sign/commit/428cf7f3f0d09f1b39312e5e51620ca684b5c1ac\"\u003e\u003ccode\u003e428cf7f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.2...v4.2.3\"\u003ev4.2.3\u003c/a\u003e - 2024-03-05\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[patch] widen support to 0.12 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9247adfd261ededfec1c036c9d8f36c4e9f87c0e\"\u003e\u003ccode\u003e9247adf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[patch] drop minimum node support to v1 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/4d0ee49ae2dc238b877dce9aed7e23fb4cb5088d\"\u003e\u003ccode\u003e4d0ee49\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eaud\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/87f3a35a587b377da2c1987af8d41c57b5afe0a5\"\u003e\u003ccode\u003e87f3a35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] remove redundant finisher \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37a475856843b7d1b2403fdafac0024ba252e579\"\u003e\u003ccode\u003e37a4758\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003ehash-base\u003c/code\u003e to ~3.0, due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9e2bf122b70970cb92f69d53e963f18299f14d66\"\u003e\u003ccode\u003e9e2bf12\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1 [\u003c/code\u003ef427270`](\u003ca href=\"https://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\"\u003ehttps://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/fb261cea57f92b3d98bc4d8bc6228c43a5de2e91\"\u003e\u003ccode\u003efb261ce\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003eelliptic\u003c/code\u003e due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/168e16fcb54886a0281b0c983e1482a097042684\"\u003e\u003ccode\u003e168e16f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.1...v4.2.2\"\u003ev4.2.2\u003c/a\u003e - 2023-10-25\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] log when openssl doesn't support cipher \u003ca href=\"https://redirect.github.com/browserify/browserify-sign/issues/37\"\u003e\u003ccode\u003e[#37](https://github.com/crypto-browserify/browserify-sign/issues/37)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/browserify-sign/commit/09a89959393b3c89fedd4f7f3bafa4fec44371d7\"\u003e\u003ccode\u003e09a8995\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] switch to eslint \u003ca href=\"https://github.com/browserify/browserify-sign/commit/83fe46374b819e959d56d2c0b931308f7451a664\"\u003e\u003ccode\u003e83fe463\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/44181838e7dcc4d5d0c568f74312ea28f0bcdfd5\"\u003e\u003ccode\u003e4418183\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9ac5a5eaaac8a11eb70ec2febd13745c8764ae02\"\u003e\u003ccode\u003e9ac5a5e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to github actions \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d845d855def38e2085d5a21e447a48300f99fa60\"\u003e\u003ccode\u003ed845d85\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003esign\u003c/code\u003e: throw on unsupported padding scheme \u003ca href=\"https://github.com/browserify/browserify-sign/commit/8767739a4516289568bcce9fed8a3b7e23478de9\"\u003e\u003ccode\u003e8767739\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] properly check the upper bound for DSA signatures \u003ca href=\"https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30\"\u003e\u003ccode\u003e85994cd\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle openSSL not supporting a scheme \u003ca href=\"https://github.com/browserify/browserify-sign/commit/f5f17c27f9824de40b5ce8ebd8502111203fd6af\"\u003e\u003ccode\u003ef5f17c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/d3a7458af692134219fce56a082068f678e12474\"\u003e\u003ccode\u003ed3a7458\u003c/code\u003e\u003c/a\u003e v4.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/37b083c602fb6fcd99e0856cba8859dc6f073f3c\"\u003e\u003ccode\u003e37b083c\u003c/code\u003e\u003c/a\u003e [Tests] clean up tests and convert console info skips to tape skips\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/faade86fe051fc0fb1b59e3694a566116e1e79a7\"\u003e\u003ccode\u003efaade86\u003c/code\u003e\u003c/a\u003e [Fix] restore node 0.10 support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/5a0f159e1d32b5c1088a75dceb301afaf40446f9\"\u003e\u003ccode\u003e5a0f159\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003eparse-asn1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/106be97da87f296f187c44b9ee857384153b5068\"\u003e\u003ccode\u003e106be97\u003c/code\u003e\u003c/a\u003e [actions] drop unsupported nodes from CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/9c371720efd60af4e08f83df4cd612a6ed135cec\"\u003e\u003ccode\u003e9c37172\u003c/code\u003e\u003c/a\u003e v4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/6d5b280e0496201ba022874c864b0046a74eb45e\"\u003e\u003ccode\u003e6d5b280\u003c/code\u003e\u003c/a\u003e [meta] remove \u003ccode\u003efiles\u003c/code\u003e field\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/17920d944f04efee7ae2212e4339485ba306b723\"\u003e\u003ccode\u003e17920d9\u003c/code\u003e\u003c/a\u003e [actions] split out node 10-20, and 20+\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/31be0c2459e1aad5158f72576c057603bf8527b6\"\u003e\u003ccode\u003e31be0c2\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003ebn.js\u003c/code\u003e, \u003ccode\u003ebrowserify-rsa\u003c/code\u003e, \u003ccode\u003eelliptic\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/ab975f4845ea5c931df037e7f0df60f045335ae7\"\u003e\u003ccode\u003eab975f4\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing peer dep\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/browserify-sign/compare/v4.2.1...v4.2.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for browserify-sign since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `elliptic` from 6.5.4 to 6.6.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/9b77436a59cc35eccf4ffb848259c8762a492ee7\"\u003e\u003ccode\u003e9b77436\u003c/code\u003e\u003c/a\u003e 6.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/04cb6f54ce552b3ebde6be06d6050419e1c7333e\"\u003e\u003ccode\u003e04cb6f5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/b8a7edd61a0d9bddd0bbf3436a4b476401edbe20\"\u003e\u003ccode\u003eb8a7edd\u003c/code\u003e\u003c/a\u003e 6.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/34c853478cec1be4e37260ed2cb12cdbdc6402cf\"\u003e\u003ccode\u003e34c8534\u003c/code\u003e\u003c/a\u003e fix: signature verification due to leading zeros\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/3e46a48fdd2ef2f89593e5e058d85530578c9761\"\u003e\u003ccode\u003e3e46a48\u003c/code\u003e\u003c/a\u003e 6.5.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/accb61e9c1a005e5c8ff96a8b33893100bb42d11\"\u003e\u003ccode\u003eaccb61e\u003c/code\u003e\u003c/a\u003e lib: DER signature decoding correction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/03e06e135c8e44a2da560fa197d0ba1e1e2759e9\"\u003e\u003ccode\u003e03e06e1\u003c/code\u003e\u003c/a\u003e 6.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/7ac5360118f74eb02da73bdf9f24fd0c72ff5281\"\u003e\u003ccode\u003e7ac5360\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/75700785ff41bb5d029d19186beff26d4883caa5\"\u003e\u003ccode\u003e7570078\u003c/code\u003e\u003c/a\u003e 6.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/206da2ee373e68466cde353f81fb59ef251b740b\"\u003e\u003ccode\u003e206da2e\u003c/code\u003e\u003c/a\u003e lib: lint\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/indutny/elliptic/compare/v6.5.4...v6.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `glob` from 10.3.10 to 10.5.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/node-glob/blob/main/changelog.md\"\u003eglob's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echangeglob\u003c/h1\u003e\n\u003ch2\u003e13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove the CLI program out to a separate package, \u003ccode\u003eglob-bin\u003c/code\u003e.\nInstall that if you'd like to continue using glob from the\ncommand line.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove the unsafe \u003ccode\u003e--shell\u003c/code\u003e option. The \u003ccode\u003e--shell\u003c/code\u003e option is now\nONLY supported on known shells where the behavior can be\nimplemented safely.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.1\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2\"\u003eGHSA-5j98-mcp5-4vw2\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--shell\u003c/code\u003e option for the command line, with a warning\nthat this is unsafe. (It will be removed in v12.)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003e--cmd-arg\u003c/code\u003e/\u003ccode\u003e-g\u003c/code\u003e as a way to \u003cem\u003esafely\u003c/em\u003e add positional\narguments to the command provided to the CLI tool.\u003c/li\u003e\n\u003cli\u003eDetect commands with space or quote characters on known shells,\nand pass positional arguments to them safely, avoiding\n\u003ccode\u003eshell:true\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for node before v20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eincludeChildMatches: false\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eExport the \u003ccode\u003eIgnore\u003c/code\u003e class\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e--default -p\u003c/code\u003e flag to provide a default pattern\u003c/li\u003e\n\u003cli\u003eexclude symbolic links to directories when \u003ccode\u003efollow\u003c/code\u003e and \u003ccode\u003enodir\u003c/code\u003e\nare both set\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd glob cli\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReturn \u003ccode\u003e'.'\u003c/code\u003e instead of the empty string \u003ccode\u003e''\u003c/code\u003e when the current\nworking directory is returned as a match.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eposix: true\u003c/code\u003e option to return \u003ccode\u003e/\u003c/code\u003e delimited paths, even on\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/56774ef73b495eb0b17cdd0f42921f5ef62297c1\"\u003e\u003ccode\u003e56774ef\u003c/code\u003e\u003c/a\u003e 10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1e4e297342a09f2aa0ced87fcd4a70ddc325d75f\"\u003e\u003ccode\u003e1e4e297\u003c/code\u003e\u003c/a\u003e bin: Do not expose filenames to shell expansion\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/1f0c1ca01a5f256cd17f543f83e9aaeedd133939\"\u003e\u003ccode\u003e1f0c1ca\u003c/code\u003e\u003c/a\u003e 10.4.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/eaf31dcb144750a19842a8319c330d021d4c4d5f\"\u003e\u003ccode\u003eeaf31dc\u003c/code\u003e\u003c/a\u003e whatever, just allow any engines\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/78275168e1bbc7a61e372af1ba58307c27faf0cb\"\u003e\u003ccode\u003e7827516\u003c/code\u003e\u003c/a\u003e 10.4.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/d06c8f8c8288c89a4892f4ebcc23ca21840aa4a1\"\u003e\u003ccode\u003ed06c8f8\u003c/code\u003e\u003c/a\u003e restore support for node 14.latest and 16.latest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c14b787771f269651f27f6207aaf410fe171f0b6\"\u003e\u003ccode\u003ec14b787\u003c/code\u003e\u003c/a\u003e 10.4.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/8a69def3cad0de9ba26ca831065ffe448d153de3\"\u003e\u003ccode\u003e8a69def\u003c/code\u003e\u003c/a\u003e node 14 no longer supported\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/eef7ea35afe511079c5bf83862ed57ece2bbf7fa\"\u003e\u003ccode\u003eeef7ea3\u003c/code\u003e\u003c/a\u003e 10.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/node-glob/commit/c76a7d255c74133ed33dd7aa965598316d12dd25\"\u003e\u003ccode\u003ec76a7d2\u003c/code\u003e\u003c/a\u003e use package-json-from-dist to look up package.json\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/node-glob/compare/v10.3.10...v10.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ip-address` from 9.0.5 to 10.2.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/80fccaae984618f35dc941efab55cf2440ab37e8\"\u003e\u003ccode\u003e80fccaa\u003c/code\u003e\u003c/a\u003e 10.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/abaeb4d817cab16d3a1a78abd249d1f116bd302e\"\u003e\u003ccode\u003eabaeb4d\u003c/code\u003e\u003c/a\u003e Type Address4.addressMinusSuffix as non-nilable (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/2878c294e1216f9a0b69ad1d3c57a3790a7d5e8e\"\u003e\u003ccode\u003e2878c29\u003c/code\u003e\u003c/a\u003e Preserve subnet prefix through Address6.to4() (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/123\"\u003e#123\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/203\"\u003e#203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/586666ee9e666464071761d7a453715f98b6caee\"\u003e\u003ccode\u003e586666e\u003c/code\u003e\u003c/a\u003e Reject trailing junk in Address6.fromURL (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/158\"\u003e#158\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/202\"\u003e#202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/80bc76eddf63df38db60defd5004bea919adf7ac\"\u003e\u003ccode\u003e80bc76e\u003c/code\u003e\u003c/a\u003e Validate static factories instead of silently overflowing (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/201\"\u003e#201\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/98927be9ef0c09f8ffcaf30b297405c9eff0a520\"\u003e\u003ccode\u003e98927be\u003c/code\u003e\u003c/a\u003e Clarify isValid() accepts CIDRs with host bits set (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/81\"\u003e#81\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/a0eb0732d6ac3088daa1106f4933eade41fd364a\"\u003e\u003ccode\u003ea0eb073\u003c/code\u003e\u003c/a\u003e Fix getScope() and broaden getType() classification (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/122\"\u003e#122\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/200\"\u003e#200\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/ec52105c87179129b9f091e97581e87b007824c7\"\u003e\u003ccode\u003eec52105\u003c/code\u003e\u003c/a\u003e Add networkForm() for CIDR network-address strings (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/199\"\u003e#199\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/a9443a72215b21a1e692be75cd3e18e8aa2262cb\"\u003e\u003ccode\u003ea9443a7\u003c/code\u003e\u003c/a\u003e Add isMapped4() predicate for IPv4-mapped IPv6 addresses (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/62\"\u003e#62\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/198\"\u003e#198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/f01d74267ed39f84521157e5f199edade9809f1e\"\u003e\u003ccode\u003ef01d742\u003c/code\u003e\u003c/a\u003e Add address-property predicates (private, ULA, loopback, link-local, etc.) (#...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/beaugunderson/ip-address/compare/v9.0.5...v10.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `playwright` from 1.51.0 to 1.60.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/microsoft/playwright/releases\"\u003eplaywright's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.60.0\u003c/h2\u003e\n\u003ch2\u003e🌐 HAR recording on Tracing\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://playwright.dev/docs/api/class-tracing#tracing-start-har\"\u003etracing.startHar()\u003c/a\u003e / \u003ca href=\"https://playwright.dev/docs/api/class-tracing#tracing-stop-har\"\u003etracing.stopHar()\u003c/a\u003e expose HAR recording as a first-class tracing API, with the same \u003ccode\u003econtent\u003c/code\u003e, \u003ccode\u003emode\u003c/code\u003e and \u003ccode\u003eurlFilter\u003c/code\u003e options as \u003ccode\u003erecordHar\u003c/code\u003e. The returned \u003ca href=\"https://playwright.dev/docs/api/class-disposable\"\u003eDisposable\u003c/a\u003e makes it easy to scope a recording with \u003ccode\u003eawait using\u003c/code\u003e:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait using har = await context.tracing.startHar('trace.har');\r\nconst page = await context.newPage();\r\nawait page.goto('https://playwright.dev');\r\n// HAR is finalized when `har` goes out of scope.\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003e🪝 Drop API\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-locator#locator-drop\"\u003elocator.drop()\u003c/a\u003e simulates an external drag-and-drop of files or clipboard-like data onto an element. Playwright dispatches \u003ccode\u003edragenter\u003c/code\u003e, \u003ccode\u003edragover\u003c/code\u003e, and \u003ccode\u003edrop\u003c/code\u003e with a synthetic [DataTransfer] in the page context — works cross-browser and is great for testing upload zones:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eawait page.locator('#dropzone').drop({\r\n  files: { name: 'note.txt', mimeType: 'text/plain', buffer: Buffer.from('hello') },\r\n});\r\n\u003cp\u003eawait page.locator('#dropzone').drop({\ndata: {\n'text/plain': 'hello world',\n'text/uri-list': '\u003ca href=\"https://example.com\"\u003ehttps://example.com\u003c/a\u003e',\n},\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003ch2\u003e🎯 Aria snapshots\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://playwright.dev/docs/api/class-pageassertions#page-assertions-to-match-aria-snapshot\"\u003eexpect(page).toMatchAriaSnapshot()\u003c/a\u003e now works on a \u003ca href=\"https://playwright.dev/docs/api/class-page\"\u003ePage\u003c/a\u003e, in addition to a \u003ca href=\"https://playwright.dev/docs/api/class-locator\"\u003eLocator\u003c/a\u003e — equivalent to asserting against \u003ccode\u003epage.locator('body')\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eNew \u003ccode\u003eboxes\u003c/code\u003e option on \u003ca href=\"https://playwright.dev/docs/api/class-locator#locator-aria-snapshot\"\u003elocator.ariaSnapshot()\u003c/a\u003e / \u003ca href=\"https://playwright.dev/docs/api/class-page#page-aria-snapshot\"\u003epage.ariaSnapshot()\u003c/a\u003e appends each element's bounding box as \u003ccode\u003e[box=x,y,width,height]\u003c/code\u003e, useful for AI consumption.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🛑 test.abort()\u003c/h2\u003e\n\u003cp\u003eNew \u003ca href=\"https://playwright.dev/docs/api/class-test#test-abort\"\u003etest.abort()\u003c/a\u003e aborts the currently running test from a fixture, hook, or route handler with an optional message. Use it when you have detected an unrecoverable misuse and want to fail the test right away:\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003etest('does not publish to the shared page', async ({ page }) =\u0026gt; {\r\n  await page.route('**/publish', route =\u0026gt; {\r\n    test.abort('Tests must not publish to the shared page. Use the `clone` option.');\r\n    return route.abort();\r\n  });\r\n  // ...\r\n});\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eNew APIs\u003c/h2\u003e\n\u003ch3\u003eBrowser, Context and Page\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/87bb9ddbd78f329df18c2b24847bc9409240cd07\"\u003e\u003ccode\u003e87bb9dd\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40747\"\u003e#40747\u003c/a\u003e): fix(yauzl): vendor yauzl with destroy-lifecycle fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/9a9c51cb7d1b39fab51ca288e59f8ca38fd19910\"\u003e\u003ccode\u003e9a9c51c\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40733\"\u003e#40733\u003c/a\u003e): chore(electron): revert \u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40184\"\u003e#40184\u003c/a\u003e (move Electron API to a s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/4b3b628663031bcaaeca907e337892263524634d\"\u003e\u003ccode\u003e4b3b628\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40736\"\u003e#40736\u003c/a\u003e): Revert \u0026quot;feat(electron): add timeout option to electronAp...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/f869f96bbe6607cc3b88b4ca96fd82f17b301b50\"\u003e\u003ccode\u003ef869f96\u003c/code\u003e\u003c/a\u003e chore: bump version to v1.60.0 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40714\"\u003e#40714\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/7eb6918afadfb0dd5c7e94ca9ffbddd84d8fbb39\"\u003e\u003ccode\u003e7eb6918\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40710\"\u003e#40710\u003c/a\u003e): docs: release notes v1.60\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/118d2aa6076d82840decca15d96b48611b08e392\"\u003e\u003ccode\u003e118d2aa\u003c/code\u003e\u003c/a\u003e cherry-pick(\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40693\"\u003e#40693\u003c/a\u003e): chore(python): formdata path type\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/54012f5dcc586da2e5d6cccd75f13ca367b94579\"\u003e\u003ccode\u003e54012f5\u003c/code\u003e\u003c/a\u003e chore(deps): bump ip-address and express-rate-limit (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40680\"\u003e#40680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/9fa531da5677a3807d6e1dccd22c5137339a44f7\"\u003e\u003ccode\u003e9fa531d\u003c/code\u003e\u003c/a\u003e fix(screencast): unblock frame ack when an async client disconnects (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40674\"\u003e#40674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/3649db560ff943e724185784d34f7db131a11961\"\u003e\u003ccode\u003e3649db5\u003c/code\u003e\u003c/a\u003e chore(mcp): bump default extension protocol to v2 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40678\"\u003e#40678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/microsoft/playwright/commit/bb6c00957f47ba04caad7fca75d426309a2d32d4\"\u003e\u003ccode\u003ebb6c009\u003c/code\u003e\u003c/a\u003e chore(extension): mark 0.2.1 (\u003ca href=\"https://redirect.github.com/microsoft/playwright/issues/40679\"\u003e#40679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/microsoft/playwright/compare/v1.51.0...v1.60.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for playwright since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.5.3 to 8.5.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed declaration parsing performance (by \u003ca href=\"https://github.com/homanp\"\u003e\u003ccode\u003e@​homanp\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax regression (by \u003ca href=\"https://github.com/43081j\"\u003e\u003ccode\u003e@​43081j\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epostcss-scss\u003c/code\u003e commend regression.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed reading any file via user-generated CSS.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eopts.unsafeMap\u003c/code\u003e to disable checks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed nested brackets parsing performance (by \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed declaration parsing performance (by \u003ca href=\"https://github.com/homanp\"\u003e\u003ccode\u003e@​homanp\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax regression (by \u003ca href=\"https://github.com/43081j\"\u003e\u003ccode\u003e@​43081j\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epostcss-scss\u003c/code\u003e commend regression.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed reading any file via user-generated CSS.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eopts.unsafeMap\u003c/code\u003e to disable checks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed nested brackets parsing performance (by \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/eae46db765d752cf8f40c4fa2b0b85030079c43d\"\u003e\u003ccode\u003eeae46db\u003c/code\u003e\u003c/a\u003e Release 8.5.15 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/79508ffa59e42c02056aca61b88bc393c8b516c4\"\u003e\u003ccode\u003e79508ff\u003c/code\u003e\u003c/a\u003e Update CI actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/b128e2131288a411c6e28071d0929542c49e74eb\"\u003e\u003ccode\u003eb128e21\u003c/code\u003e\u003c/a\u003e Speed up declaration parsing by avoiding creating new array on each token\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/9825dca02c33cf610e2a842be767468b67fbecf9\"\u003e\u003ccode\u003e9825dca\u003c/code\u003e\u003c/a\u003e Fix code format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/55789c865281e2be194fa5b4e41dd046be3a2307\"\u003e\u003ccode\u003e55789c8\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/84fbbe9009cb3cc3bbb4cc3a9b65d468f4844d95\"\u003e\u003ccode\u003e84fbbe9\u003c/code\u003e\u003c/a\u003e Install older pnpm action for old Node.js\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/9f860bd78ec1dbc4f0ae72d693f03f956baa38cb\"\u003e\u003ccode\u003e9f860bd\u003c/code\u003e\u003c/a\u003e Revert pnpm action for old Node.js\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/08771986d47359545f502e009763e223b66bfcf6\"\u003e\u003ccode\u003e0877198\u003c/code\u003e\u003c/a\u003e Update CI actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/b2d1a335cea818f8b27e5cfb90147648afe3e582\"\u003e\u003ccode\u003eb2d1a33\u003c/code\u003e\u003c/a\u003e Fix linter warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/0700dac92283bc259977dff2743ca74a00f58267\"\u003e\u003ccode\u003e0700dac\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2088\"\u003e#2088\u003c/a\u003e from rootvector2/add-oss-fuzz-harness\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.5.3...8.5.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.5.3 to 8.5.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed declaration parsing performance (by \u003ca href=\"https://github.com/homanp\"\u003e\u003ccode\u003e@​homanp\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax regression (by \u003ca href=\"https://github.com/43081j\"\u003e\u003ccode\u003e@​43081j\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epostcss-scss\u003c/code\u003e commend regression.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed reading any file via user-generated CSS.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eopts.unsafeMap\u003c/code\u003e to disable checks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed nested brackets parsing performance (by \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed declaration parsing performance (by \u003ca href=\"https://github.com/homanp\"\u003e\u003ccode\u003e@​homanp\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax regression (by \u003ca href=\"https://github.com/43081j\"\u003e\u003ccode\u003e@​43081j\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epostcss-scss\u003c/code\u003e commend regression.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed reading any file via user-generated CSS.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eopts.unsafeMap\u003c/code\u003e to disable checks.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.11\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed nested brackets parsing performance (by \u003ca href=\"https://github.com/offset\"\u003e\u003ccode\u003e@​offset\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/eae46db765d752cf8f40c4fa2b0b85030079c43d\"\u003e\u003ccode\u003eeae46db\u003c/code\u003e\u003c/a\u003e Release 8.5.15 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/79508ffa59e42c02056aca61b88bc393c8b516c4\"\u003e\u003ccode\u003e79508ff\u003c/code\u003e\u003c/a\u003e Update CI actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/b128e2131288a411c6e28071d0929542c49e74eb\"\u003e\u003ccode\u003eb128e21\u003c/code\u003e\u003c/a\u003e Speed up declaration parsing by avoiding creating new array on each token\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/9825dca02c33cf610e2a842be767468b67fbecf9\"\u003e\u003ccode\u003e9825dca\u003c/code\u003e\u003c/a\u003e Fix code format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/55789c865281e2be194fa5b4e41dd046be3a2307\"\u003e\u003ccode\u003e55789c8\u003c/code\u003e\u003c/a\u003e Update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/84fbbe9009cb3cc3bbb4cc3a9b65d468f4844d95\"\u003e\u003ccode\u003e84fbbe9\u003c/code\u003e\u003c/a\u003e Install older pnpm action for old Node.js\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/9f860bd78ec1dbc4f0ae72d693f03f956baa38cb\"\u003e\u003ccode\u003e9f860bd\u003c/code\u003e\u003c/a\u003e Revert pnpm action for old Node.js\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/08771986d47359545f502e009763e223b66bfcf6\"\u003e\u003ccode\u003e0877198\u003c/code\u003e\u003c/a\u003e Update CI actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/b2d1a335cea818f8b27e5cfb90147648afe3e582\"\u003e\u003ccode\u003eb2d1a33\u003c/code\u003e\u003c/a\u003e Fix linter warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/0700dac92283bc259977dff2743ca74a00f58267\"\u003e\u003ccode\u003e0700dac\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2088\"\u003e#2088\u003c/a\u003e from rootvector2/add-oss-fuzz-harness\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.5.3...8.5.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.18.0 to 8.20.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an uninitialized memory disclosure issue in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\n(c0327ec1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding a \u003ccode\u003eTypedArray\u003c/code\u003e (e.g. \u003ccode\u003eFloat32Array\u003c/code\u003e) as the \u003ccode\u003ereason\u003c/code\u003e argument for\n\u003ccode\u003ewebsocket.close()\u003c/code\u003e, rather than the supported string or \u003ccode\u003eBuffer\u003c/code\u003e types, caused\nuninitialized memory to be disclosed to the remote peer.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { deepStrictEqual } from 'node:assert';\r\nimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer(\n{ port: 0, skipUTF8Validation: true },\nfunction () {\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e, {\nskipUTF8Validation: true\n});\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ews.on('close', function (code, reason) {\r\n  deepStrictEqual(reason, Buffer.alloc(80));\r\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e}\n);\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.close(1000, new Float32Array(20));\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe issue was privately reported by \u003ca href=\"https://github.com/ChALkeR\"\u003eNikita Skovoroda\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e8.20.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded exports for the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and utilities for the\n\u003ccode\u003eSec-WebSocket-Extensions\u003c/code\u003e and \u003ccode\u003eSec-WebSocket-Protocol\u003c/code\u003e headers (d3503c1f).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.19.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecloseTimeout\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2308\"\u003e#2308\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eHandled a forthcoming breaking change in Node.js core (19984854).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/843925544e2f4cffe445e0179947f56d6c5b608f\"\u003e\u003ccode\u003e8439255\u003c/code\u003e\u003c/a\u003e [dist] 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d3503c1fd36a310985108f62b343bae18346ab67\"\u003e\u003ccode\u003ed3503c1\u003c/code\u003e\u003c/a\u003e [minor] Export the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and header utils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/3ee5349a0b1580f6e1f347b59ec3371011bd8481\"\u003e\u003ccode\u003e3ee5349\u003c/code\u003e\u003c/a\u003e [api] Convert the \u003ccode\u003eisServer\u003c/code\u003e and \u003ccode\u003emaxPayload\u003c/code\u003e parameters to options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/91707b470ebd803aaa3fd1e896217740f39267d4\"\u003e\u003ccode\u003e91707b4\u003c/code\u003e\u003c/a\u003e [doc] Add missing space\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8b553192268810a83253e2a4a39ac16768e75bb3\"\u003e\u003ccode\u003e8b55319\u003c/code\u003e\u003c/a\u003e [pkg] Update eslint to version 10.0.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.18.0...8.20.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `svelte` from 5.53.5 to 5.55.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/svelte/releases\"\u003esvelte's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esvelte@5.55.9\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: don't unset batch when calling \u003ccode\u003e{#await ...}\u003c/code\u003e promise (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18243\"\u003e#18243\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: promise-ify \u003ccode\u003e{#await await ...}\u003c/code\u003e expressions on the server and correctly hydrate them on the client (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18243\"\u003e#18243\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: deduplicate dependencies that are added outside the init/update cycle (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18243\"\u003e#18243\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: avoid false-positive batch invariant error (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18246\"\u003e#18246\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: inline primitive constants in attribute values during SSR (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18232\"\u003e#18232\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esvelte@5.55.8\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix(print): handle \u003ccode\u003esvelte:body\u003c/code\u003e and fix keyframe percentage double-printing (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18234\"\u003e#18234\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: execute uninitialized derived even if it's destroyed (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18228\"\u003e#18228\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: use named symbols everywhere (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18238\"\u003e#18238\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: don't run teardown effects when deriveds are unfreezed (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18227\"\u003e#18227\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: unset context synchronously in \u003ccode\u003erun\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18236\"\u003e#18236\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esvelte@5.55.7\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: prevent XSS on \u003ccode\u003ehydratable\u003c/code\u003e from user contents (\u003ca href=\"https://github.com/sveltejs/svelte/commit/a16ebc67bbcf8f708360195687e1b2719463e1a4\"\u003e\u003ccode\u003ea16ebc67bbcf8f708360195687e1b2719463e1a4\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: bump devalue (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18219\"\u003e#18219\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: disallow empty attribute names during SSR (\u003ca href=\"https://github.com/sveltejs/svelte/commit/547853e2406a2147ad7fb5ffeba95b01bd9642da\"\u003e\u003ccode\u003e547853e2406a2147ad7fb5ffeba95b01bd9642da\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: harden regex (\u003ca href=\"https://github.com/sveltejs/svelte/commit/d2375e2ebcab5c88feb5652f1a9d621b8f06b259\"\u003e\u003ccode\u003ed2375e2ebcab5c88feb5652f1a9d621b8f06b259\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: move Svelte runtime properties to symbols (\u003ca href=\"https://github.com/sveltejs/svelte/commit/e1cbbd96441e82c9eb8a23a2903c0d06d3cda991\"\u003e\u003ccode\u003ee1cbbd96441e82c9eb8a23a2903c0d06d3cda991\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esvelte@5.55.6\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: leave stale promises to wait for a later resolution, instead of rejecting (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18180\"\u003e#18180\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: keep dependencies of \u003ccode\u003e$state.eager/pending\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18218\"\u003e#18218\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: reapply context after transforming error during SSR (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18099\"\u003e#18099\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: don't rebase just-created batches (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18117\"\u003e#18117\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/svelte/blob/main/packages/svelte/CHANGELOG.md\"\u003esvelte's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.55.9\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: don't unset batch when calling \u003ccode\u003e{#await ...}\u003c/code\u003e promise (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18243\"\u003e#18243\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: promise-ify \u003ccode\u003e{#await await ...}\u003c/code\u003e expressions on the server and correctly hydrate them on the client (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18243\"\u003e#18243\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: deduplicate dependencies that are added outside the init/update cycle (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18243\"\u003e#18243\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: avoid false-positive batch invariant error (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18246\"\u003e#18246\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: inline primitive constants in attribute values during SSR (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18232\"\u003e#18232\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.55.8\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix(print): handle \u003ccode\u003esvelte:body\u003c/code\u003e and fix keyframe percentage double-printing (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18234\"\u003e#18234\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: execute uninitialized derived even if it's destroyed (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18228\"\u003e#18228\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: use named symbols everywhere (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18238\"\u003e#18238\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: don't run teardown effects when deriveds are unfreezed (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18227\"\u003e#18227\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: unset context synchronously in \u003ccode\u003erun\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18236\"\u003e#18236\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.55.7\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: prevent XSS on \u003ccode\u003ehydratable\u003c/code\u003e from user contents (\u003ca href=\"https://github.com/sveltejs/svelte/commit/a16ebc67bbcf8f708360195687e1b2719463e1a4\"\u003e\u003ccode\u003ea16ebc67bbcf8f708360195687e1b2719463e1a4\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: bump devalue (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18219\"\u003e#18219\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: disallow empty attribute names during SSR (\u003ca href=\"https://github.com/sveltejs/svelte/commit/547853e2406a2147ad7fb5ffeba95b01bd9642da\"\u003e\u003ccode\u003e547853e2406a2147ad7fb5ffeba95b01bd9642da\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: harden regex (\u003ca href=\"https://github.com/sveltejs/svelte/commit/d2375e2ebcab5c88feb5652f1a9d621b8f06b259\"\u003e\u003ccode\u003ed2375e2ebcab5c88feb5652f1a9d621b8f06b259\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: move Svelte runtime properties to symbols (\u003ca href=\"https://github.com/sveltejs/svelte/commit/e1cbbd96441e82c9eb8a23a2903c0d06d3cda991\"\u003e\u003ccode\u003ee1cbbd96441e82c9eb8a23a2903c0d06d3cda991\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.55.6\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: leave stale promises to wait for a later resolution, instead of rejecting (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18180\"\u003e#18180\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: keep dependencies of \u003ccode\u003e$state.eager/pending\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18218\"\u003e#18218\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/b65a3f3fc5e1607966e3e27f7e28fc691e622683\"\u003e\u003ccode\u003eb65a3f3\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18240\"\u003e#18240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/ef319ed492869e075bfb29685a606bce4818adb7\"\u003e\u003ccode\u003eef319ed\u003c/code\u003e\u003c/a\u003e chore: bump acorn-typescript/esrap (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18248\"\u003e#18248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/d654db83ef3c299e0b7833e6c418ce02d6127abd\"\u003e\u003ccode\u003ed654db8\u003c/code\u003e\u003c/a\u003e fix: avoid false-positive batch invariant error (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18246\"\u003e#18246\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/000c594e05d27e3e56c08cf30274689615d99092\"\u003e\u003ccode\u003e000c594\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003e{#await await ...}\u003c/code\u003e and async dependencies fixes (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18243\"\u003e#18243\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/a5df6616ea6c8ee0984ff0fc7b04e51472f1d01d\"\u003e\u003ccode\u003ea5df661\u003c/code\u003e\u003c/a\u003e fix: avoid unnecessary stringify in server attributes (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18232\"\u003e#18232\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/f9440dc3ed28a9f1f518b0216d0e10fce00f1618\"\u003e\u003ccode\u003ef9440dc\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18239\"\u003e#18239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/ca3f35bf7d3eeea6d0b5f477d208c3fd9c19988c\"\u003e\u003ccode\u003eca3f35b\u003c/code\u003e\u003c/a\u003e fix(print): handle svelte:body and fix keyframe percentage double-printing (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/2bc3592eb1ba1b37bde6c893e84b28e2f630db59\"\u003e\u003ccode\u003e2bc3592\u003c/code\u003e\u003c/a\u003e fix: use named symbols everywhere (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18238\"\u003e#18238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/dc1f037fa67bf2fbdeb1c5f18b2b1f7d023077e3\"\u003e\u003ccode\u003edc1f037\u003c/code\u003e\u003c/a\u003e fix: don't run teardown effects when deriveds are unfreezed (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18227\"\u003e#18227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/1e899cba354d2b25593afc1bbf04bf3555b5d26a\"\u003e\u003ccode\u003e1e899cb\u003c/code\u003e\u003c/a\u003e fix: execute uninitialized derived even if it's destroyed (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18228\"\u003e#18228\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sveltejs/svelte/commits/svelte@5.55.9/packages/svelte\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `devalue` from 5.7.0 to 5.8.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/releases\"\u003edevalue's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/blob/main/CHANGELOG.md\"\u003edevalue's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/796ea83a76eb7e0f2af376f9c2c875f1d057f50f\"\u003e\u003ccode\u003e796ea83\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/152\"\u003e#152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/206ca6712fbc380a4571c59de9ab04b91110792d\"\u003e\u003ccode\u003e206ca67\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/14933f78ff6b712829162628682b0a1993e75d19\"\u003e\u003ccode\u003e14933f7\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/151\"\u003e#151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/c5115b0074ec298fb4077f6cee5616cefbd13902\"\u003e\u003ccode\u003ec5115b0\u003c/code\u003e\u003c/a\u003e feat: \u003ccode\u003estringifyAsync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/150\"\u003e#150\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/67dad450b5db18ea9aa3059d334d8b0ee6704d9e\"\u003e\u003ccode\u003e67dad45\u003c/code\u003e\u003c/a\u003e docs: update README to reflect serialization stability non-goal (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/147\"\u003e#147\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/6eb920a7db6fe388f24f640d0e4e874a57f148fb\"\u003e\u003ccode\u003e6eb920a\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/8becc7c436f0d4f85e2e5b32cb49dcfdf4fdec42\"\u003e\u003ccode\u003e8becc7c\u003c/code\u003e\u003c/a\u003e fix: handle regexes consistently in uneval's value and reference formats (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/sveltejs/devalue/compare/v5.7.0...v5.8.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ip-address` from 9.0.5 to 10.2.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/80fccaae984618f35dc941efab55cf2440ab37e8\"\u003e\u003ccode\u003e80fccaa\u003c/code\u003e\u003c/a\u003e 10.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/abaeb4d817cab16d3a1a78abd249d1f116bd302e\"\u003e\u003ccode\u003eabaeb4d\u003c/code\u003e\u003c/a\u003e Type Address4.addressMinusSuffix as non-nilable (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/2878c294e1216f9a0b69ad1d3c57a3790a7d5e8e\"\u003e\u003ccode\u003e2878c29\u003c/code\u003e\u003c/a\u003e Preserve subnet prefix through Address6.to4() (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/123\"\u003e#123\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/203\"\u003e#203\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/586666ee9e666464071761d7a453715f98b6caee\"\u003e\u003ccode\u003e586666e\u003c/code\u003e\u003c/a\u003e Reject trailing junk in Address6.fromURL (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/158\"\u003e#158\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/202\"\u003e#202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/80bc76eddf63df38db60defd5004bea919adf7ac\"\u003e\u003ccode\u003e80bc76e\u003c/code\u003e\u003c/a\u003e Validate static factories instead of silently overflowing (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/201\"\u003e#201\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/98927be9ef0c09f8ffcaf30b297405c9eff0a520\"\u003e\u003ccode\u003e98927be\u003c/code\u003e\u003c/a\u003e Clarify isValid() accepts CIDRs with host bits set (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/81\"\u003e#81\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/a0eb0732d6ac3088daa1106f4933eade41fd364a\"\u003e\u003ccode\u003ea0eb073\u003c/code\u003e\u003c/a\u003e Fix getScope() and broaden getType() classification (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/122\"\u003e#122\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/200\"\u003e#200\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/ec52105c87179129b9f091e97581e87b007824c7\"\u003e\u003ccode\u003eec52105\u003c/code\u003e\u003c/a\u003e Add networkForm() for CIDR network-address strings (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/199\"\u003e#199\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/a9443a72215b21a1e692be75cd3e18e8aa2262cb\"\u003e\u003ccode\u003ea9443a7\u003c/code\u003e\u003c/a\u003e Add isMapped4() predicate for IPv4-mapped IPv6 addresses (closes \u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/62\"\u003e#62\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beaugunderson/ip-address/issues/198\"\u003e#198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beaugunderson/ip-address/commit/f01d74267ed39f84521157e5f199edade9809f1e\"\u003e\u003ccode\u003ef01d742\u003c/code\u003e\u003c/a\u003e Add address-property predicates (private, ULA, loopback, link-local, etc.) (#...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/beaugunderson/ip-address/compare/v9.0.5...v10.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ws` from 8.17.1 to 8.20.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/websockets/ws/releases\"\u003ews's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.20.1\u003c/h2\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an uninitialized memory disclosure issue in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\n(c0327ec1).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eProviding a \u003ccode\u003eTypedArray\u003c/code\u003e (e.g. \u003ccode\u003eFloat32Array\u003c/code\u003e) as the \u003ccode\u003ereason\u003c/code\u003e argument for\n\u003ccode\u003ewebsocket.close()\u003c/code\u003e, rather than the supported string or \u003ccode\u003eBuffer\u003c/code\u003e types, caused\nuninitialized memory to be disclosed to the remote peer.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eimport { deepStrictEqual } from 'node:assert';\r\nimport { WebSocket, WebSocketServer } from 'ws';\r\n\u003cp\u003econst wss = new WebSocketServer(\n{ port: 0, skipUTF8Validation: true },\nfunction () {\nconst { port } = wss.address();\nconst ws = new WebSocket(\u003ccode\u003ews://localhost:${port}\u003c/code\u003e, {\nskipUTF8Validation: true\n});\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003ews.on('close', function (code, reason) {\r\n  deepStrictEqual(reason, Buffer.alloc(80));\r\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e}\n);\u003c/p\u003e\n\u003cp\u003ewss.on('connection', function (ws) {\nws.close(1000, new Float32Array(20));\n});\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe issue was privately reported by \u003ca href=\"https://github.com/ChALkeR\"\u003eNikita Skovoroda\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e8.20.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded exports for the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and utilities for the\n\u003ccode\u003eSec-WebSocket-Extensions\u003c/code\u003e and \u003ccode\u003eSec-WebSocket-Protocol\u003c/code\u003e headers (d3503c1f).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.19.0\u003c/h2\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003ecloseTimeout\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/websockets/ws/issues/2308\"\u003e#2308\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eHandled a forthcoming breaking change in Node.js core (19984854).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5d9b316230ea931532a6671cc450f18c11edd02f\"\u003e\u003ccode\u003e5d9b316\u003c/code\u003e\u003c/a\u003e [dist] 8.20.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086\"\u003e\u003ccode\u003ec0327ec\u003c/code\u003e\u003c/a\u003e [security] Fix uninitialized memory disclosure in \u003ccode\u003ewebsocket.close()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/ce2a3d62437995a47e6056d485a33d21b6a8f867\"\u003e\u003ccode\u003ece2a3d6\u003c/code\u003e\u003c/a\u003e [ci] Test on node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/58e45b872bb0f35a3edd553c27e105300a4f5bd0\"\u003e\u003ccode\u003e58e45b8\u003c/code\u003e\u003c/a\u003e [ci] Do not test on node 25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/5f26c245231a4b018479a9269e8c3da4773fe42f\"\u003e\u003ccode\u003e5f26c24\u003c/code\u003e\u003c/a\u003e [ci] Run the lint step on node 24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/843925544e2f4cffe445e0179947f56d6c5b608f\"\u003e\u003ccode\u003e8439255\u003c/code\u003e\u003c/a\u003e [dist] 8.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/d3503c1fd36a310985108f62b343bae18346ab67\"\u003e\u003ccode\u003ed3503c1\u003c/code\u003e\u003c/a\u003e [minor] Export the \u003ccode\u003ePerMessageDeflate\u003c/code\u003e class and header utils\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/3ee5349a0b1580f6e1f347b59ec3371011bd8481\"\u003e\u003ccode\u003e3ee5349\u003c/code\u003e\u003c/a\u003e [api] Convert the \u003ccode\u003eisServer\u003c/code\u003e and \u003ccode\u003emaxPayload\u003c/code\u003e parameters to options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/91707b470ebd803aaa3fd1e896217740f39267d4\"\u003e\u003ccode\u003e91707b4\u003c/code\u003e\u003c/a\u003e [doc] Add missing space\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/commit/8b553192268810a83253e2a4a39ac16768e75bb3\"\u003e\u003ccode\u003e8b55319\u003c/code\u003e\u003c/a\u003e [pkg] Update eslint to version 10.0.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/websockets/ws/compare/8.18.0...8.20.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `uuid`\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore thi...\n\n_Description has been truncated_\n\n---\n\n🔧 This PR updates 11 npm dependencies across 4 directories to their latest versions, including major version bumps for Vite (6.x → 8.x), esbuild (0.25 → 0.28), and Playwright (1.51 → 1.60), along with security fixes for several packages.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Build Tools**: Vite updated from 6.4.2 to 8.0.14 across multiple packages, esbuild from 0.25.0 to 0.28.0\n- **Testing Framework**: Playwright upgraded from 1.51.0 to 1.60.0 with new features like HAR recording, drop API, and aria snapshots\n- **Security Updates**: Multiple packages received security patches including browserify-sign, cipher-base, postcss, and ws\n- **Utility Libraries**: Updated minimatch (3.1.4 → 10.2.5), ip-address (9.0.5 → 10.2.0), yaml (2.8.3 → 2.9.0)\n- **Azure SDK**: Updated @azure/identity and @azure/storage-blob to latest versions\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify Vulnerable Dependencies]\n    B --\u003e C[Update Package Versions]\n    C --\u003e D[Root Directory Updates]\n    C --\u003e E[Playwright Directory Updates]\n    C --\u003e F[Examples Directory Updates]\n    C --\u003e G[Utils Directory Updates]\n    D --\u003e H[Security Patches Applied]\n    E --\u003e H\n    F --\u003e H\n    G --\u003e H\n    H --\u003e I[Automated Testing]\n    I --\u003e J[PR Creation]\n```\n\n### Impact\n- **Security Enhancement**: Addresses multiple security vulnerabilities in cryptographic libraries and web socket implementations\n- **Feature Improvements**: Playwright 1.60 introduces new testing capabilities including HAR recording on tracing and drop API for drag-and-drop testing\n- **Performance Gains**: Updated build tools and utilities provide better performance and modern JavaScript support\n- **Maintenance**: Keeps dependencies current and reduces technical debt across the project ecosystem\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/playwright-crx/pull/10","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Fplaywright-crx/issues/10","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/10/packages"}},{"old_version":"1.0.4","new_version":"1.0.7","update_type":"patch","path":null,"pr_created_at":"2026-05-22T21:56:29.000Z","version_change":"1.0.4 → 1.0.7","issue":{"uuid":"4505809996","node_id":"PR_kwDOBTb13s7egWqB","number":159,"state":"closed","title":"build(deps): bump the web-npm-security-minor-patch group across 1 directory with 23 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-22T23:56:14.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-22T21:56:29.000Z","updated_at":"2026-05-22T23:56:15.000Z","time_to_close":7185,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"web-npm-security-minor-patch","update_count":23,"packages":[{"name":"underscore","old_version":"1.12.1","new_version":"1.13.8","repository_url":"https://github.com/jashkenas/underscore"},{"name":"@babel/runtime","old_version":"7.6.0","new_version":"7.29.2","repository_url":"https://github.com/babel/babel"},{"name":"@babel/traverse","old_version":"7.2.3","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"browserify-sign","old_version":"4.0.4","new_version":"4.2.5","repository_url":"https://github.com/crypto-browserify/browserify-sign"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"decode-uri-component","old_version":"0.2.0","new_version":"0.2.2","repository_url":"https://github.com/SamVerschueren/decode-uri-component"},{"name":"qs","old_version":"6.5.2","new_version":"6.15.2","repository_url":"https://github.com/ljharb/qs"},{"name":"body-parser","old_version":"1.18.3","new_version":"1.20.5","repository_url":"https://github.com/expressjs/body-parser"},{"name":"handlebars","old_version":"4.5.3","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"immutable","old_version":"5.1.3","new_version":"5.1.5","repository_url":"https://github.com/immutable-js/immutable-js"},{"name":"tmp","old_version":"0.0.33","new_version":"0.2.5","repository_url":"https://github.com/raszi/node-tmp"}],"path":null,"ecosystem":"npm"},"body":"Bumps the web-npm-security-minor-patch group with 11 updates in the /web directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [underscore](https://github.com/jashkenas/underscore) | `1.12.1` | `1.13.8` |\n| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.6.0` | `7.29.2` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.2.3` | `7.29.0` |\n| [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.5` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |\n| [qs](https://github.com/ljharb/qs) | `6.5.2` | `6.15.2` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.18.3` | `1.20.5` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.5.3` | `4.7.9` |\n| [immutable](https://github.com/immutable-js/immutable-js) | `5.1.3` | `5.1.5` |\n| [tmp](https://github.com/raszi/node-tmp) | `0.0.33` | `0.2.5` |\n\n\nUpdates `underscore` from 1.12.1 to 1.13.8\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jashkenas/underscore/commit/9374840c22e348083d0d072f30dc980622523259\"\u003e\u003ccode\u003e9374840\u003c/code\u003e\u003c/a\u003e Merge branch 'release/1.13.8'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jashkenas/underscore/commit/309ad7e6658b927ca5f28ce069665d9c523c53e5\"\u003e\u003ccode\u003e309ad7e\u003c/code\u003e\u003c/a\u003e Re-generate annotated sources and minified codemaps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jashkenas/underscore/commit/a1ac1d33537662304d4985f61301112ea0f1f051\"\u003e\u003ccode\u003ea1ac1d3\u003c/code\u003e\u003c/a\u003e Add links to diff and docs in 1.13.8 change log entry\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jashkenas/underscore/commit/b579595ec9da8db15196bc1d3547833458939c44\"\u003e\u003ccode\u003eb579595\u003c/code\u003e\u003c/a\u003e Mention CVE-2026-27601 in comments and documentation (\u003ca href=\"https://redirect.github.com/jashkenas/underscore/issues/3011\"\u003e#3011\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jashkenas/underscore/commit/45ea015a99069780db492a114c1e709dd77d3b89\"\u003e\u003ccode\u003e45ea015\u003c/code\u003e\u003c/a\u003e Revert obfuscations from 42823bb.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jashkenas/underscore/commit/4a4019e00beb2c42eda20c05f375a35983b748f0\"\u003e\u003ccode\u003e4a4019e\u003c/code\u003e\u003c/a\u003e Update minified bundles\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jashkenas/underscore/commit/1ccfdd0c50470d862bb553c1e0c70567a59d4355\"\u003e\u003ccode\u003e1ccfdd0\u003c/code\u003e\u003c/a\u003e Add preliminary release notes for 1.13.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jashkenas/underscore/commit/42823bbff87e9fe82855d5adb5ba7ff839f8b446\"\u003e\u003ccode\u003e42823bb\u003c/code\u003e\u003c/a\u003e Temporarily obfuscate comments\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jashkenas/underscore/commit/a6e23ae9647461ec33ad9f92a2ecfc220eea0a84\"\u003e\u003ccode\u003ea6e23ae\u003c/code\u003e\u003c/a\u003e Make _.isEqual nonrecursive\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jashkenas/underscore/commit/f2b516441ab99b82045f2a336c348899e6527e00\"\u003e\u003ccode\u003ef2b5164\u003c/code\u003e\u003c/a\u003e Add regression test against stack overflow in _.isEqual\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jashkenas/underscore/compare/1.12.1...1.13.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/runtime` from 7.6.0 to 7.29.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/runtime's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17789\"\u003e#17789\u003c/a\u003e [7.x backport] preset-env include/exclude should accept bugfix plugins (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17813\"\u003e#17813\u003c/a\u003e chore: update eslint peer deps (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.1 (2026-02-04)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17771\"\u003e#17771\u003c/a\u003e [7.x backport] fix: ensure \u003ccode\u003etargets.esmodules\u003c/code\u003e is validated (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17776\"\u003e#17776\u003c/a\u003e [7.x backport] Fix undefined when 64 indents (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 2\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cac0ff4c3426eed30b4d27e7971b348da7c9f1e6\"\u003e\u003ccode\u003ecac0ff4\u003c/code\u003e\u003c/a\u003e v7.28.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/f68ac511f091f6d1f698e8ce59cd668d3bfc6102\"\u003e\u003ccode\u003ef68ac51\u003c/code\u003e\u003c/a\u003e chore: Avoid CITGM errors (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17382\"\u003e#17382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/baa4cb8b9f8a551d7dae9042b19ea2f74df6b110\"\u003e\u003ccode\u003ebaa4cb8\u003c/code\u003e\u003c/a\u003e v7.27.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/7d069309fdfcedda2928a043f6f7c98135c1242a\"\u003e\u003ccode\u003e7d06930\u003c/code\u003e\u003c/a\u003e v7.27.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/5b9468d9bf1ab4f427241673e9f03593da115a69\"\u003e\u003ccode\u003e5b9468d\u003c/code\u003e\u003c/a\u003e Reduce \u003ccode\u003eregenerator\u003c/code\u003e size more (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-runtime/issues/17287\"\u003e#17287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cb78b5b50e327e27467086cf8bbe196bda7cea9b\"\u003e\u003ccode\u003ecb78b5b\u003c/code\u003e\u003c/a\u003e [babel 8] Do not replace global \u003ccode\u003eregeneratorRuntime\u003c/code\u003e references in regenerato...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.2/packages/babel-runtime\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/runtime\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.2.3 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/traverse's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `browserify-sign` from 4.0.4 to 4.2.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md\"\u003ebrowserify-sign's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.4...v4.2.5\"\u003ev4.2.5\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] clean up tests and convert console info skips to tape skips \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37b083c602fb6fcd99e0856cba8859dc6f073f3c\"\u003e\u003ccode\u003e37b083c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] restore node 0.10 support \u003ca href=\"https://github.com/browserify/browserify-sign/commit/faade86fe051fc0fb1b59e3694a566116e1e79a7\"\u003e\u003ccode\u003efaade86\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5a0f159e1d32b5c1088a75dceb301afaf40446f9\"\u003e\u003ccode\u003e5a0f159\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] drop unsupported nodes from CI \u003ca href=\"https://github.com/browserify/browserify-sign/commit/106be97da87f296f187c44b9ee857384153b5068\"\u003e\u003ccode\u003e106be97\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.3...v4.2.4\"\u003ev4.2.4\u003c/a\u003e - 2025-09-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[actions] split out node 10-20, and 20+ \u003ca href=\"https://github.com/browserify/browserify-sign/commit/17920d944f04efee7ae2212e4339485ba306b723\"\u003e\u003ccode\u003e17920d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove \u003ccode\u003efiles\u003c/code\u003e field \u003ca href=\"https://github.com/browserify/browserify-sign/commit/6d5b280e0496201ba022874c864b0046a74eb45e\"\u003e\u003ccode\u003e6d5b280\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ebn.js\u003c/code\u003e, \u003ccode\u003ebrowserify-rsa\u003c/code\u003e, \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/31be0c2459e1aad5158f72576c057603bf8527b6\"\u003e\u003ccode\u003e31be0c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003esemver\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5f6698211aa1d6dddaba8c245f40f63ae28924a3\"\u003e\u003ccode\u003e5f66982\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] replace \u003ccode\u003eaud\u003c/code\u003e with \u003ccode\u003enpm audit\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d44b24d8691d699ccc76780b106fe9c1bf0d1558\"\u003e\u003ccode\u003ed44b24d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/browserify-sign/commit/ab975f4845ea5c931df037e7f0df60f045335ae7\"\u003e\u003ccode\u003eab975f4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] revert 9e2bf12, now that v3.1.1 is out \u003ca href=\"https://github.com/browserify/browserify-sign/commit/428cf7f3f0d09f1b39312e5e51620ca684b5c1ac\"\u003e\u003ccode\u003e428cf7f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.2...v4.2.3\"\u003ev4.2.3\u003c/a\u003e - 2024-03-05\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[patch] widen support to 0.12 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9247adfd261ededfec1c036c9d8f36c4e9f87c0e\"\u003e\u003ccode\u003e9247adf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[patch] drop minimum node support to v1 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/4d0ee49ae2dc238b877dce9aed7e23fb4cb5088d\"\u003e\u003ccode\u003e4d0ee49\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eaud\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/87f3a35a587b377da2c1987af8d41c57b5afe0a5\"\u003e\u003ccode\u003e87f3a35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] remove redundant finisher \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37a475856843b7d1b2403fdafac0024ba252e579\"\u003e\u003ccode\u003e37a4758\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003ehash-base\u003c/code\u003e to ~3.0, due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9e2bf122b70970cb92f69d53e963f18299f14d66\"\u003e\u003ccode\u003e9e2bf12\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1 [\u003c/code\u003ef427270`](\u003ca href=\"https://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\"\u003ehttps://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/fb261cea57f92b3d98bc4d8bc6228c43a5de2e91\"\u003e\u003ccode\u003efb261ce\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003eelliptic\u003c/code\u003e due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/168e16fcb54886a0281b0c983e1482a097042684\"\u003e\u003ccode\u003e168e16f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.1...v4.2.2\"\u003ev4.2.2\u003c/a\u003e - 2023-10-25\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] log when openssl doesn't support cipher \u003ca href=\"https://redirect.github.com/browserify/browserify-sign/issues/37\"\u003e\u003ccode\u003e[#37](https://github.com/crypto-browserify/browserify-sign/issues/37)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/browserify-sign/commit/09a89959393b3c89fedd4f7f3bafa4fec44371d7\"\u003e\u003ccode\u003e09a8995\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] switch to eslint \u003ca href=\"https://github.com/browserify/browserify-sign/commit/83fe46374b819e959d56d2c0b931308f7451a664\"\u003e\u003ccode\u003e83fe463\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/44181838e7dcc4d5d0c568f74312ea28f0bcdfd5\"\u003e\u003ccode\u003e4418183\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9ac5a5eaaac8a11eb70ec2febd13745c8764ae02\"\u003e\u003ccode\u003e9ac5a5e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to github actions \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d845d855def38e2085d5a21e447a48300f99fa60\"\u003e\u003ccode\u003ed845d85\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003esign\u003c/code\u003e: throw on unsupported padding scheme \u003ca href=\"https://github.com/browserify/browserify-sign/commit/8767739a4516289568bcce9fed8a3b7e23478de9\"\u003e\u003ccode\u003e8767739\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] properly check the upper bound for DSA signatures \u003ca href=\"https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30\"\u003e\u003ccode\u003e85994cd\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle openSSL not supporting a scheme \u003ca href=\"https://github.com/browserify/browserify-sign/commit/f5f17c27f9824de40b5ce8ebd8502111203fd6af\"\u003e\u003ccode\u003ef5f17c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/d3a7458af692134219fce56a082068f678e12474\"\u003e\u003ccode\u003ed3a7458\u003c/code\u003e\u003c/a\u003e v4.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/37b083c602fb6fcd99e0856cba8859dc6f073f3c\"\u003e\u003ccode\u003e37b083c\u003c/code\u003e\u003c/a\u003e [Tests] clean up tests and convert console info skips to tape skips\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/faade86fe051fc0fb1b59e3694a566116e1e79a7\"\u003e\u003ccode\u003efaade86\u003c/code\u003e\u003c/a\u003e [Fix] restore node 0.10 support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/5a0f159e1d32b5c1088a75dceb301afaf40446f9\"\u003e\u003ccode\u003e5a0f159\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003eparse-asn1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/106be97da87f296f187c44b9ee857384153b5068\"\u003e\u003ccode\u003e106be97\u003c/code\u003e\u003c/a\u003e [actions] drop unsupported nodes from CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/9c371720efd60af4e08f83df4cd612a6ed135cec\"\u003e\u003ccode\u003e9c37172\u003c/code\u003e\u003c/a\u003e v4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/6d5b280e0496201ba022874c864b0046a74eb45e\"\u003e\u003ccode\u003e6d5b280\u003c/code\u003e\u003c/a\u003e [meta] remove \u003ccode\u003efiles\u003c/code\u003e field\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/17920d944f04efee7ae2212e4339485ba306b723\"\u003e\u003ccode\u003e17920d9\u003c/code\u003e\u003c/a\u003e [actions] split out node 10-20, and 20+\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/31be0c2459e1aad5158f72576c057603bf8527b6\"\u003e\u003ccode\u003e31be0c2\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003ebn.js\u003c/code\u003e, \u003ccode\u003ebrowserify-rsa\u003c/code\u003e, \u003ccode\u003eelliptic\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/ab975f4845ea5c931df037e7f0df60f045335ae7\"\u003e\u003ccode\u003eab975f4\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing peer dep\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/browserify-sign/compare/v4.0.4...v4.2.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for browserify-sign since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `decode-uri-component` from 0.2.0 to 0.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/releases\"\u003edecode-uri-component's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent overwriting previously decoded tokens  980e0bf\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2\"\u003ehttps://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitch to GitHub workflows  76abc93\u003c/li\u003e\n\u003cli\u003eFix issue where decode throws - fixes \u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/6\"\u003e#6\u003c/a\u003e  746ca5d\u003c/li\u003e\n\u003cli\u003eUpdate license (\u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/1\"\u003e#1\u003c/a\u003e)  486d7e2\u003c/li\u003e\n\u003cli\u003eTidelift tasks  a650457\u003c/li\u003e\n\u003cli\u003eMeta tweaks  66e1c28\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1\"\u003ehttps://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/a0eea469d26eb0df668b081672cdb9581feb78eb\"\u003e\u003ccode\u003ea0eea46\u003c/code\u003e\u003c/a\u003e 0.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/980e0bf09b64d94f1aa79012f895816c30ffd152\"\u003e\u003ccode\u003e980e0bf\u003c/code\u003e\u003c/a\u003e Prevent overwriting previously decoded tokens\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/3c8a373dd4837e89b3f970e01295dd03e1405a33\"\u003e\u003ccode\u003e3c8a373\u003c/code\u003e\u003c/a\u003e 0.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/76abc939783fe3900fadb7d384a74d324d5557f3\"\u003e\u003ccode\u003e76abc93\u003c/code\u003e\u003c/a\u003e Switch to GitHub workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/746ca5dcb6667c5d364e782d53c542830e4c10b9\"\u003e\u003ccode\u003e746ca5d\u003c/code\u003e\u003c/a\u003e Fix issue where decode throws - fixes \u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/6\"\u003e#6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/486d7e26d3a8c0fbe860fb651fe1bc98c2f2be30\"\u003e\u003ccode\u003e486d7e2\u003c/code\u003e\u003c/a\u003e Update license (\u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/1\"\u003e#1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/a65045724e6234acef87f31da499d4807b20b134\"\u003e\u003ccode\u003ea650457\u003c/code\u003e\u003c/a\u003e Tidelift tasks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/66e1c2834c0e189201cb65196ec3101372459b02\"\u003e\u003ccode\u003e66e1c28\u003c/code\u003e\u003c/a\u003e Meta tweaks\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `elliptic` from 6.5.1 to 6.6.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/9b77436a59cc35eccf4ffb848259c8762a492ee7\"\u003e\u003ccode\u003e9b77436\u003c/code\u003e\u003c/a\u003e 6.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/04cb6f54ce552b3ebde6be06d6050419e1c7333e\"\u003e\u003ccode\u003e04cb6f5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/b8a7edd61a0d9bddd0bbf3436a4b476401edbe20\"\u003e\u003ccode\u003eb8a7edd\u003c/code\u003e\u003c/a\u003e 6.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/34c853478cec1be4e37260ed2cb12cdbdc6402cf\"\u003e\u003ccode\u003e34c8534\u003c/code\u003e\u003c/a\u003e fix: signature verification due to leading zeros\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/3e46a48fdd2ef2f89593e5e058d85530578c9761\"\u003e\u003ccode\u003e3e46a48\u003c/code\u003e\u003c/a\u003e 6.5.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/accb61e9c1a005e5c8ff96a8b33893100bb42d11\"\u003e\u003ccode\u003eaccb61e\u003c/code\u003e\u003c/a\u003e lib: DER signature decoding correction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/03e06e135c8e44a2da560fa197d0ba1e1e2759e9\"\u003e\u003ccode\u003e03e06e1\u003c/code\u003e\u003c/a\u003e 6.5.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/7ac5360118f74eb02da73bdf9f24fd0c72ff5281\"\u003e\u003ccode\u003e7ac5360\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/75700785ff41bb5d029d19186beff26d4883caa5\"\u003e\u003ccode\u003e7570078\u003c/code\u003e\u003c/a\u003e 6.5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/elliptic/commit/206da2ee373e68466cde353f81fb59ef251b740b\"\u003e\u003ccode\u003e206da2e\u003c/code\u003e\u003c/a\u003e lib: lint\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/indutny/elliptic/compare/v6.5.1...v6.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `qs` from 6.5.2 to 6.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ljharb/qs/blob/main/CHANGELOG.md\"\u003eqs's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + \u003ccode\u003eencodeValuesOnly\u003c/code\u003e instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashing in \u003ccode\u003eencoder\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/551\"\u003e#551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/530\"\u003e#530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] fix grammar (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/550\"\u003e#550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: \u003ccode\u003eparameterLimit: Infinity\u003c/code\u003e with \u003ccode\u003ethrowOnLimitExceeded: true\u003c/code\u003e silently drops all parameters\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eiconv-lite\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] increase coverage\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.15.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003estrictMerge\u003c/code\u003e option to wrap object/primitive conflicts in an array (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/425\"\u003e#425\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ljharb/qs/issues/122\"\u003e#122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eduplicates\u003c/code\u003e option should not apply to bracket notation keys (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/514\"\u003e#514\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.2\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: mark overflow objects for indexed notation exceeding \u003ccode\u003earrayLimit\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/546\"\u003e#546\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003earrayLimit\u003c/code\u003e means max count, not max index, in \u003ccode\u003ecombine\u003c/code\u003e/\u003ccode\u003emerge\u003c/code\u003e/\u003ccode\u003eparseArrayValue\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: throw on \u003ccode\u003earrayLimit\u003c/code\u003e exceeded with indexed notation when \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e is true (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/529\"\u003e#529\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: enforce \u003ccode\u003earrayLimit\u003c/code\u003e on \u003ccode\u003ecomma\u003c/code\u003e-parsed values\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: fix error message to reflect arrayLimit as max index; remove extraneous comments (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/545\"\u003e#545\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Robustness] avoid \u003ccode\u003e.push\u003c/code\u003e, use \u003ccode\u003evoid\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[readme] document that \u003ccode\u003eaddQueryPrefix\u003c/code\u003e does not add \u003ccode\u003e?\u003c/code\u003e to empty output (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/418\"\u003e#418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] clarify \u003ccode\u003eparseArrays\u003c/code\u003e and \u003ccode\u003earrayLimit\u003c/code\u003e documentation (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/543\"\u003e#543\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[readme] replace runkit CI badge with shields.io check-runs badge\u003c/li\u003e\n\u003cli\u003e[meta] fix changelog typo (\u003ccode\u003earrayLength\u003c/code\u003e → \u003ccode\u003earrayLimit\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e[actions] fix rebase workflow permissions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.1\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] ensure \u003ccode\u003earrayLimit\u003c/code\u003e applies to \u003ccode\u003e[]\u003c/code\u003e notation as well\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003eparse\u003c/code\u003e: when a custom decoder returns \u003ccode\u003enull\u003c/code\u003e for a key, ignore that key\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: extract key segment splitting helper\u003c/li\u003e\n\u003cli\u003e[meta] add threat model\u003c/li\u003e\n\u003cli\u003e[actions] add workflow permissions\u003c/li\u003e\n\u003cli\u003e[Tests] \u003ccode\u003estringify\u003c/code\u003e: increase coverage\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eeslint\u003c/code\u003e, \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003efor-each\u003c/code\u003e, \u003ccode\u003eobject-inspect\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003cstrong\u003e6.14.0\u003c/strong\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[New] \u003ccode\u003eparse\u003c/code\u003e: add \u003ccode\u003ethrowOnParameterLimitExceeded\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/ljharb/qs/issues/517\"\u003e#517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Refactor] \u003ccode\u003eparse\u003c/code\u003e: use \u003ccode\u003eutils.combine\u003c/code\u003e more\u003c/li\u003e\n\u003cli\u003e[patch] \u003ccode\u003eparse\u003c/code\u003e: add explicit \u003ccode\u003ethrowOnLimitExceeded\u003c/code\u003e default\u003c/li\u003e\n\u003cli\u003e[actions] use shared action; re-add finishers\u003c/li\u003e\n\u003cli\u003e[meta] Fix changelog formatting bug\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eside-channel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003ees-value-fixtures\u003c/code\u003e, \u003ccode\u003ehas-bigints\u003c/code\u003e, \u003ccode\u003ehas-proto\u003c/code\u003e, \u003ccode\u003ehas-symbols\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8\"\u003e\u003ccode\u003e9aca407\u003c/code\u003e\u003c/a\u003e v6.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992\"\u003e\u003ccode\u003e5e33d33\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41\"\u003e\u003ccode\u003e21f80b3\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined entries in \u003ccode\u003earrayFormat: 'comma'\u003c/code\u003e + `e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c\"\u003e\u003ccode\u003ea0a81ea\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: use configured \u003ccode\u003edelimiter\u003c/code\u003e after \u003ccode\u003echarsetSentinel\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8\"\u003e\u003ccode\u003ee3062f7\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: apply \u003ccode\u003eformatter\u003c/code\u003e to encoded key under \u003ccode\u003estrictNullHandling\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0\"\u003e\u003ccode\u003e0c180a4\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003estringify\u003c/code\u003e: skip null/undefined filter-array entries instead of crashi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656\"\u003e\u003ccode\u003e3a8b94a\u003c/code\u003e\u003c/a\u003e [Tests] add regression tests for keys containing percent-encoded bracket text\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d\"\u003e\u003ccode\u003e96755ab\u003c/code\u003e\u003c/a\u003e [readme] fix grammar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6\"\u003e\u003ccode\u003ea419ce5\u003c/code\u003e\u003c/a\u003e [Fix] \u003ccode\u003eparse\u003c/code\u003e: handle nested bracket groups and add regression tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170\"\u003e\u003ccode\u003e3f5e1c5\u003c/code\u003e\u003c/a\u003e v6.15.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ljharb/qs/compare/v6.5.2...v6.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version modifies \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 1.18.3 to 1.20.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.20.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThe reason for this release is a fix to the extended urlencoded parser returning objects instead of arrays for large array inputs (\u0026gt; 100) on qs@6.14.2+. (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/692\"\u003eexpressjs/body-parser#692\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: correct off-by-one error in parameterCount by \u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps(qs): bump qs to 6.15.1 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/722\"\u003eexpressjs/body-parser#722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.5 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/721\"\u003eexpressjs/body-parser#721\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSpecial thanks to triager \u003ca href=\"https://github.com/krzysdz\"\u003e\u003ccode\u003e@​krzysdz\u003c/code\u003e\u003c/a\u003e for keeping this on our radar and effectively triaging the specific issue!\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove redundant depth check by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/538\"\u003eexpressjs/body-parser#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js v23 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/553\"\u003eexpressjs/body-parser#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: restore CI for 1.x branch by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/665\"\u003eexpressjs/body-parser#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.0 by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/664\"\u003eexpressjs/body-parser#664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/668\"\u003eexpressjs/body-parser#668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove SECURITY.md by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/669\"\u003eexpressjs/body-parser#669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add CodeQL (SAST) by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/670\"\u003eexpressjs/body-parser#670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.4 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/672\"\u003eexpressjs/body-parser#672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eImportant\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eIMPORTANT:\u003c/strong\u003e The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e). \u003ca href=\"https://github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth\"\u003eDocumentation\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: add support for OSSF scorecard reporting by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/522\"\u003eexpressjs/body-parser#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: fix errors in ci github action for node 8 and 9 by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/523\"\u003eexpressjs/body-parser#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: pin to node@22.4.1 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/527\"\u003eexpressjs/body-parser#527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.12.3 by \u003ca href=\"https://github.com/melikhov-dev\"\u003e\u003ccode\u003e@​melikhov-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/521\"\u003eexpressjs/body-parser#521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd OSSF Scorecard badge by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/531\"\u003eexpressjs/body-parser#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLinter by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/534\"\u003eexpressjs/body-parser#534\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/535\"\u003eexpressjs/body-parser#535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/1.20.5/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.20.5 / 2026-04-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003cli\u003efix: extended urlencoded parsing of arrays with \u0026gt;100 elements (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.4 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@~6.14.0\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: raw-body@~2.5.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.3 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.2 / 2023-02-21\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix strict json error message on Node.js 19+\u003c/li\u003e\n\u003cli\u003edeps: content-type@~1.0.5\n\u003cul\u003e\n\u003cli\u003eperf: skip value escaping when unnecessary\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: raw-body@2.5.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.1 / 2022-10-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.11.0\u003c/li\u003e\n\u003cli\u003eperf: remove unnecessary object clone\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.0 / 2022-04-02\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix error message for json parse whitespace in \u003ccode\u003estrict\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix internal error when inflated body exceeds limit\u003c/li\u003e\n\u003cli\u003ePrevent loss of async hooks context\u003c/li\u003e\n\u003cli\u003ePrevent hanging when request already read\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\n\u003cul\u003e\n\u003cli\u003eReplace internal \u003ccode\u003eeval\u003c/code\u003e usage with \u003ccode\u003eFunction\u003c/code\u003e constructor\u003c/li\u003e\n\u003cli\u003eUse instance methods on \u003ccode\u003eprocess\u003c/code\u003e to check for listeners\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\n\u003cul\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.10.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/0defdbe7f95ad0d3bc007d3a7c59c8c0ab9e6575\"\u003e\u003ccode\u003e0defdbe\u003c/code\u003e\u003c/a\u003e release(patch): 1.20.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/cd0e7a000c53e7be7262d303e57a352b6a00db7f\"\u003e\u003ccode\u003ecd0e7a0\u003c/code\u003e\u003c/a\u003e deps(qs): bump qs to 6.15.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6f24d7e8bcd9860b136920926ce86da1a7dd1d51\"\u003e\u003ccode\u003e6f24d7e\u003c/code\u003e\u003c/a\u003e fix: correct off-by-one error in parameterCount (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b849bd533d8b4abf5576a3e301f28d9befa05ddd\"\u003e\u003ccode\u003eb849bd5\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/690\"\u003e#690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2c55e2f712f320a8e8d0f9fcb1d06526d0e401c9\"\u003e\u003ccode\u003e2c55e2f\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/7db202cac84a001e6566c2dc6516b44db98beff3\"\u003e\u003ccode\u003e7db202c\u003c/code\u003e\u003c/a\u003e 1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/672\"\u003e#672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d8f8adb898676dfdf997b4455e5f9b689b53e989\"\u003e\u003ccode\u003ed8f8adb\u003c/code\u003e\u003c/a\u003e ci: add CodeQL (SAST) (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6d133c19b3e7c0bb8301959ca1dba283d23d23c3\"\u003e\u003ccode\u003e6d133c1\u003c/code\u003e\u003c/a\u003e chore: remove SECURITY.md (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/669\"\u003e#669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/fcd15355041ada6f37288dd13858d50429016b66\"\u003e\u003ccode\u003efcd1535\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/668\"\u003e#668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ec5fa290d25d85e0049757e240249072331eaee6\"\u003e\u003ccode\u003eec5fa29\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/664\"\u003e#664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.18.3...1.20.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for body-parser since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.5.3 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md\"\u003ehandlebars's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9 - March 26th, 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.8 - July 27th, 2023\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake library compatible with workers (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1894\"\u003e#1894\u003c/a\u003e) - 3d3796c\u003c/li\u003e\n\u003cli\u003eDon't rely on Node.js global object (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1776\"\u003e#1776\u003c/a\u003e) - 2954e7e\u003c/li\u003e\n\u003cli\u003eFix compiling of each block params in strict mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1855\"\u003e#1855\u003c/a\u003e) - 30dbf04\u003c/li\u003e\n\u003cli\u003eFix rollup warning when importing Handlebars as ESM - 03d387b\u003c/li\u003e\n\u003cli\u003eFix bundler issue with webpack 5 (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1862\"\u003e#1862\u003c/a\u003e) - c6c6bbb\u003c/li\u003e\n\u003cli\u003eUse https instead of git for mustache submodule - 88ac068\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/compare/v4.7.7...v4.7.8\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.7 - February 15th, 2021\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix weird error in integration tests - eb860c0\u003c/li\u003e\n\u003cli\u003efix: check prototype property access in strict-mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1736\"\u003e#1736\u003c/a\u003e) - b6d3de7\u003c/li\u003e\n\u003cli\u003efix: escape property names in compat mode (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1736\"\u003e#1736\u003c/a\u003e) - f058970\u003c/li\u003e\n\u003cli\u003erefactor: In spec tests, use expectTemplate over equals and shouldThrow (\u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1683\"\u003e#1683\u003c/a\u003e) - 77825f8\u003c/li\u003e\n\u003cli\u003echore: start testing on Node.js 12 and 13 - 3789a30\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e(POSSIBLY) BREAKING CHANGES:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ethe changes from version \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md#v460---january-8th-2020\"\u003e4.6.0\u003c/a\u003e now also apply\nin when using the compile-option \u0026quot;strict: true\u0026quot;. Access to prototype properties is forbidden completely by default, specific properties or methods\ncan be allowed via runtime-options. See \u003ca href=\"https://redirect.github.com/handlebars-lang/handlebars.js/issues/1633\"\u003e#1633\u003c/a\u003e for details. If you are using Handlebars as documented, you should not be accessing prototype properties\nfrom your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThat is why we only bump the patch version despite mentioning breaking changes.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/wycats/handlebars.js/compare/v4.7.6...v4.7.7\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.7.6 - April 3rd, 2020\u003c/h2\u003e\n\u003cp\u003eChore/Housekeeping:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/wycats/handlebars.js/issues/1672\"\u003e#1672\u003c/a\u003e - Switch cmd parser to latest minimist (\u003ca href=\"https://api.github.com/users/dougwilson\"\u003e\u003ccode\u003e@​dougwilson\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCompatibility notes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestored Node.js compatibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/dce542c9a660048d31f0981ac8a45c08b919bddb\"\u003e\u003ccode\u003edce542c\u003c/code\u003e\u003c/a\u003e v4.7.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8a41389ba5b2624b6f43a5463d8e2533b843a562\"\u003e\u003ccode\u003e8a41389\u003c/code\u003e\u003c/a\u003e Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2\"\u003e\u003ccode\u003e68d8df5\u003c/code\u003e\u003c/a\u003e Fix security issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/b2a083136b11e1da9f0f47a11f749a9830a49328\"\u003e\u003ccode\u003eb2a0831\u003c/code\u003e\u003c/a\u003e Fix browser tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/9f98c1629834abf8de5a127caff8a2eab03d2c12\"\u003e\u003ccode\u003e9f98c16\u003c/code\u003e\u003c/a\u003e Fix release script\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/45443b4290475dfb7cec32a85d344f12ab345eb9\"\u003e\u003ccode\u003e45443b4\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Improve partial indenting performance\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/8841a5f6d35096aee95d68e1e49636a4cb5c661e\"\u003e\u003ccode\u003e8841a5f\u003c/code\u003e\u003c/a\u003e Fix CI errors with linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e0137c26f2202593bca7cc25184e733e87d54709\"\u003e\u003ccode\u003ee0137c2\u003c/code\u003e\u003c/a\u003e fix: enable shell mode for spawn to resolve Windows EINVAL issue\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/e914d6037ffb0dd371f7e4823cdb019732ae66d7\"\u003e\u003ccode\u003ee914d60\u003c/code\u003e\u003c/a\u003e Improve rendering performance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/commit/7de4b41c344a5d702edca93d1841b59642fa32bd\"\u003e\u003ccode\u003e7de4b41\u003c/code\u003e\u003c/a\u003e Upgrade GitHub Actions checkout and setup-node on 4.x branch\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/...\n\n_Description has been truncated_","html_url":"https://github.com/elkozmon/zoonavigator/pull/159","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/elkozmon%2Fzoonavigator/issues/159","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/159/packages"}},{"old_version":"1.0.4","new_version":"1.0.7","update_type":"patch","path":null,"pr_created_at":"2026-05-21T18:14:22.000Z","version_change":"1.0.4 → 1.0.7","issue":{"uuid":"4496917017","node_id":"PR_kwDOHHtGe87eDhI6","number":17,"state":"closed","title":"Bump the npm_and_yarn group across 3 directories with 28 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-21T23:27:19.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-21T18:14:22.000Z","updated_at":"2026-05-21T23:27:21.000Z","time_to_close":18777,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":28,"packages":[{"name":"postcss","old_version":"8.3.11","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.13.8","new_version":"7.29.4","repository_url":"https://github.com/babel/babel"},{"name":"ansi-regex","old_version":"4.1.0","new_version":"5.0.1","repository_url":"https://github.com/chalk/ansi-regex"},{"name":"async","old_version":"2.6.3","new_version":"2.6.4","repository_url":"https://github.com/caolan/async"},{"name":"json5","old_version":"1.0.1","new_version":"2.2.3","repository_url":"https://github.com/json5/json5"},{"name":"loader-utils","old_version":"2.0.0","new_version":"2.0.4","repository_url":"https://github.com/webpack/loader-utils"},{"name":"loader-utils","old_version":"1.4.0","new_version":"1.4.2","repository_url":"https://github.com/webpack/loader-utils"},{"name":"braces","old_version":"2.3.2","new_version":"3.0.3","repository_url":"https://github.com/micromatch/braces"},{"name":"browserify-sign","old_version":"4.2.1","new_version":"4.2.5","repository_url":"https://github.com/crypto-browserify/browserify-sign"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"decode-uri-component","old_version":"0.2.0","new_version":"0.2.2","repository_url":"https://github.com/SamVerschueren/decode-uri-component"},{"name":"flatted","old_version":"3.1.1","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"2.3.3","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"js-yaml","old_version":"3.13.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"picomatch","old_version":"2.2.2","new_version":"4.0.4","repository_url":"https://github.com/micromatch/picomatch"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 2 updates in the /wp-content/themes/shapely/inc/libraries/epsilon-framework directory: [grunt](https://github.com/gruntjs/grunt) and [vue-template-compiler](https://github.com/vuejs/vue).\nBumps the npm_and_yarn group with 15 updates in the /wp-content/themes/twentytwenty directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [postcss](https://github.com/postcss/postcss) | `8.3.11` | `8.5.10` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.13.8` | `7.29.4` |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `4.1.0` | `5.0.1` |\n| [async](https://github.com/caolan/async) | `2.6.3` | `2.6.4` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `2.2.3` |\n| [loader-utils](https://github.com/webpack/loader-utils) | `2.0.0` | `2.0.4` |\n| [loader-utils](https://github.com/webpack/loader-utils) | `1.4.0` | `1.4.2` |\n| [braces](https://github.com/micromatch/braces) | `2.3.2` | `3.0.3` |\n| [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.2.1` | `4.2.5` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.1.1` | `3.4.2` |\n| [form-data](https://github.com/form-data/form-data) | `2.3.3` | `3.0.4` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.13.1` | `3.14.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.2.2` | `4.0.4` |\n\nBumps the npm_and_yarn group with 9 updates in the /wp-content/themes/twentytwentyone directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [postcss](https://github.com/postcss/postcss) | `8.3.11` | `8.5.15` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.14.2` | `7.29.0` |\n| [ansi-regex](https://github.com/chalk/ansi-regex) | `4.1.0` | `6.2.2` |\n| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |\n| [shell-quote](https://github.com/ljharb/shell-quote) | `1.7.2` | `1.8.3` |\n\n\nUpdates `grunt` from 0.4.5 to 1.6.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gruntjs/grunt/releases\"\u003egrunt's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.6.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChangelog updates  72f6f03\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1755\"\u003e#1755\u003c/a\u003e from gruntjs/rm-dep  8d4c183\u003c/li\u003e\n\u003cli\u003eAdd recursive  1c7d483\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1756\"\u003e#1756\u003c/a\u003e from gruntjs/downgrade-glob  2d4fd38\u003c/li\u003e\n\u003cli\u003eDowngrade glob  902db7c\u003c/li\u003e\n\u003cli\u003eFix syntax  494f243\u003c/li\u003e\n\u003cli\u003eremove mkdirp  b01389e\u003c/li\u003e\n\u003cli\u003eremove dep on rimraf and mkdirp  0072510\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.6.0...v1.6.1\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.6.0...v1.6.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1750\"\u003e#1750\u003c/a\u003e from gruntjs/dep-update-jan28  2805dc3\u003c/li\u003e\n\u003cli\u003eREADME updates  3f1e423\u003c/li\u003e\n\u003cli\u003eBump to 16  8fd096d\u003c/li\u003e\n\u003cli\u003eUpdate more deps  42c5f95\u003c/li\u003e\n\u003cli\u003eBump eslint and node version  1d88050\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.3...v1.6.0\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.3...v1.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1745\"\u003e#1745\u003c/a\u003e from gruntjs/fix-copy-op  572d79b\u003c/li\u003e\n\u003cli\u003ePatch up race condition in symlink copying.  58016ff\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1746\"\u003e#1746\u003c/a\u003e from JamieSlome/patch-1  0749e1d\u003c/li\u003e\n\u003cli\u003eCreate SECURITY.md  69b7c50\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.2...v1.5.3\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.2...v1.5.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Changelog  7f15fd5\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1743\"\u003e#1743\u003c/a\u003e from gruntjs/cleanup-link  b0ec6e1\u003c/li\u003e\n\u003cli\u003eClean up link handling  433f91b\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.1...v1.5.2\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.1...v1.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1742\"\u003e#1742\u003c/a\u003e from gruntjs/update-symlink-test  ad22608\u003c/li\u003e\n\u003cli\u003eFix symlink test  0652305\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.0...v1.5.1\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.0...v1.5.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated changelog  b2b2c2b\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1740\"\u003e#1740\u003c/a\u003e from gruntjs/update-deps-22-10  3eda6ae\u003c/li\u003e\n\u003cli\u003eUpdate testing matrix  47d32de\u003c/li\u003e\n\u003cli\u003eMore updates  2e9161c\u003c/li\u003e\n\u003cli\u003eRemove console log  04b960e\u003c/li\u003e\n\u003cli\u003eUpdate dependencies, tests...  aad3d45\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1736\"\u003e#1736\u003c/a\u003e from justlep/main  fdc7056\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gruntjs/grunt/blob/main/CHANGELOG\"\u003egrunt's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003ev1.6.2\ndate: 2026-04-14\nchanges:\n- Update minimatch to 3.1.5.\n(PR: \u003ca href=\"https://redirect.github.com/gruntjs/grunt/pull/1796\"\u003egruntjs/grunt#1796\u003c/a\u003e)\n- Update nopt to 5.0.0.\n(PR: \u003ca href=\"https://redirect.github.com/gruntjs/grunt/pull/1778\"\u003egruntjs/grunt#1778\u003c/a\u003e)\nv1.6.1\ndate: 2023-01-31\nchanges:\n- Downgrades to glob 7 for Windows compatability\n- Removes mkdirp and rimraf in favour of node.js APIs.\nv1.6.0\ndate: 2023-01-28\nchanges:\n- Requires node.js 16+.\n- template.date now uses dateformat ~4.6.2.\n- other dependency updates such as glob, rimraf, etc.\nv1.5.3\ndate: 2022-04-23\nchanges:\n- Patch up race condition in symlink copying.\nv1.5.2\ndate: 2022-04-12\nchanges:\n- Unlink symlinks when copy destination is a symlink.\nv1.5.1\ndate: 2022-04-11\nchanges:\n- Fixed symlink destination handling.\nv1.5.0\ndate: 2022-04-10\nchanges:\n- Updated dependencies.\n- Add symlink handling for copying files.\nv1.4.1\ndate: 2021-05-24\nchanges:\n- Fix --preload option to be a known option\n- Switch to GitHub Actions\nv1.4.0\ndate: 2021-04-21\nchanges:\n- Security fixes in production and dev dependencies\n- Liftup/Liftoff upgrade breaking change. Update your scripts to use --preload instead of --require. Ref: \u003ca href=\"https://github.com/js-cli/js-liftoff/commit/e7a969d6706e730d90abb4e24d3cb4d3bce06ddb\"\u003ehttps://github.com/js-cli/js-liftoff/commit/e7a969d6706e730d90abb4e24d3cb4d3bce06ddb\u003c/a\u003e.\nv1.3.0\ndate: 2020-08-18\nchanges:\n- Switch to use \u003ccode\u003esafeLoad\u003c/code\u003e for loading YML files via \u003ccode\u003efile.readYAML\u003c/code\u003e.\n- Upgrade legacy-log to ~3.0.0.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/f49016e3ad7b92cf73982bec8d1ad224563a475d\"\u003e\u003ccode\u003ef49016e\u003c/code\u003e\u003c/a\u003e 1.6.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/662e097e7a77717df9cdcc76597ea54c154a1e67\"\u003e\u003ccode\u003e662e097\u003c/code\u003e\u003c/a\u003e Update minimatch to 3.1.5 to fix CVEs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/a29fd1872a9028c65ce8e7eadda8a4ac0931adb5\"\u003e\u003ccode\u003ea29fd18\u003c/code\u003e\u003c/a\u003e CI: add Node.js 24 to version matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/f757c4f7dd4225aea81e23f67b7d2b15f6fd965d\"\u003e\u003ccode\u003ef757c4f\u003c/code\u003e\u003c/a\u003e Update links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/b5aa8342f393f21fecb9c983e0208d9da2340cfa\"\u003e\u003ccode\u003eb5aa834\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1792\"\u003e#1792\u003c/a\u003e from UlisesGascon/security-md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/8d2dea224e772ff3c549be25d5d09c87d90ec536\"\u003e\u003ccode\u003e8d2dea2\u003c/code\u003e\u003c/a\u003e docs: refresh security policy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/aa15bdc5b435e2938744658dec31ec29c3109afc\"\u003e\u003ccode\u003eaa15bdc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1786\"\u003e#1786\u003c/a\u003e from stscoundrel/ci-node-22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/ee5b2a3480d520b442887451b86e596d971d94e6\"\u003e\u003ccode\u003eee5b2a3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1787\"\u003e#1787\u003c/a\u003e from gruntjs/add-commercial-support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/c0e2b42efa4f590b624929d66e67a9f4e5c9ff46\"\u003e\u003ccode\u003ec0e2b42\u003c/code\u003e\u003c/a\u003e Readme updates re: support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/c4f037ddaecca57092f30018196361bb299b7bc7\"\u003e\u003ccode\u003ec4f037d\u003c/code\u003e\u003c/a\u003e CI: update GH actions V3 -\u0026gt; V4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gruntjs/grunt/compare/v0.4.5...v1.6.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~krinkle\"\u003ekrinkle\u003c/a\u003e, a new releaser for grunt since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vue-template-compiler` from 2.2.1 to 2.7.16\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vuejs/vue/releases\"\u003evue-template-compiler's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.7.16 \u0026quot;Swan Song\u0026quot;\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eThis is the final release for Vue 2.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eVue 2 will reach End of Life on December 31st, 2023. For more details, please read this \u003ca href=\"https://blog.vuejs.org/posts/vue-2-eol\"\u003eblog post\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.16-beta.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.16-beta.1\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.15\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.14\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.13\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.12\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.11\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.10\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.9\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.8\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.7\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.6\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.5\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.4\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev2.7.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vuejs/vue/blob/main/CHANGELOG.md\"\u003evue-template-compiler's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/vuejs/vue/compare/v2.7.16-beta.2...v2.7.16\"\u003e2.7.16 Swan Song\u003c/a\u003e (2023-12-24)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003elifecycle:\u003c/strong\u003e ensure component effect scopes are disconnected (\u003ca href=\"https://github.com/vuejs/vue/commit/56ce7f8c573116ed6683149206cf35c987249d42\"\u003e56ce7f8\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/13134\"\u003e#13134\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/vuejs/vue/compare/v2.7.16-beta.1...v2.7.16-beta.2\"\u003e2.7.16-beta.2\u003c/a\u003e (2023-12-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eaccount for nested render calls (\u003ca href=\"https://github.com/vuejs/vue/commit/db9c566032da0ec5cd758a3e8525e9733874c1e5\"\u003edb9c566\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/13131\"\u003e#13131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e export more types for v3 alignment (jsx / component options) (\u003ca href=\"https://github.com/vuejs/vue/commit/895669ffa01f8075a326308caa8ad6a5f69a1919\"\u003e895669f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/13078\"\u003e#13078\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/13128\"\u003e#13128\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/vuejs/vue/compare/v2.7.15...v2.7.16-beta.1\"\u003e2.7.16-beta.1\u003c/a\u003e (2023-12-08)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecompiler-sfc:\u003c/strong\u003e check template \u003ccode\u003eref\u003c/code\u003e usage,  (\u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12985\"\u003e#12985\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue/commit/83d95351a9f809311d624fc3398e7f6829b72447\"\u003e83d9535\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12984\"\u003e#12984\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecompiler-sfc:\u003c/strong\u003e fix rewriteDefault edge cases (\u003ca href=\"https://github.com/vuejs/vue/commit/25f97a5033187372e7b8c591c79336197ee5c833\"\u003e25f97a5\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/13060\"\u003e#13060\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12892\"\u003e#12892\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12906\"\u003e#12906\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ekeep-alive:\u003c/strong\u003e fix keep-alive memory leak (\u003ca href=\"https://github.com/vuejs/vue/commit/2632249925e632e56f6dfc8fdbcf682c82e4081b\"\u003e2632249\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12827\"\u003e#12827\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ekeep-alive:\u003c/strong\u003e fix memory leak without breaking transition tests (\u003ca href=\"https://github.com/vuejs/vue/commit/e0747f40a879b4000a1959d21377b51d1f1ed988\"\u003ee0747f4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eprops:\u003c/strong\u003e should not unwrap props that are raw refs (\u003ca href=\"https://github.com/vuejs/vue/commit/08382f008016c3b3b93f84594266f2e191fee91d\"\u003e08382f0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12930\"\u003e#12930\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eshallowReactive:\u003c/strong\u003e should track value if already reactive when set in shallowReactive (\u003ca href=\"https://github.com/vuejs/vue/commit/0ad8e8d94f3a3bf4429f25850c85a6bbb2b81364\"\u003e0ad8e8d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003estyle:\u003c/strong\u003e always set new styles (\u003ca href=\"https://github.com/vuejs/vue/commit/f5ef882a781b8a62c9ca00e95006d07636567c8e\"\u003ef5ef882\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12901\"\u003e#12901\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12946\"\u003e#12946\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e fix shallowRef's return type  (\u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12979\"\u003e#12979\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue/commit/a174c29dab2cf655b06f7870e0ac5a78ef35ec8a\"\u003ea174c29\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12978\"\u003e#12978\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e fix type augmentation and compiler-sfc types w/moduleResolution: bundler (\u003ca href=\"https://redirect.github.com/vuejs/vue/issues/13107\"\u003e#13107\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue/commit/de0b97b3eadae120eda505b45df2de2115dcb6f0\"\u003ede0b97b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/13106\"\u003e#13106\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e provide types for built-in components (\u003ca href=\"https://github.com/vuejs/vue/commit/3650c12f7d3a20f3155bc1fd2b068e84289e0d33\"\u003e3650c12\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/13002\"\u003e#13002\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e type VNodeChildren should allow type number  (\u003ca href=\"https://redirect.github.com/vuejs/vue/issues/13067\"\u003e#13067\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue/commit/24fcf69624a633d43dfc0aa5fa6b93d11de7fad5\"\u003e24fcf69\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12973\"\u003e#12973\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eutils:\u003c/strong\u003e unwrap refs when stringifying values in template (\u003ca href=\"https://github.com/vuejs/vue/commit/ae3e4b1c706b8d61a4a312ca5d23441df021b4b4\"\u003eae3e4b1\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12884\"\u003e#12884\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12888\"\u003e#12888\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ewatch:\u003c/strong\u003e new property addition should trigger deep watcher with getter (\u003ca href=\"https://github.com/vuejs/vue/commit/6d857f5bee275dc98106e3b2cbc7722f5ec0cfc0\"\u003e6d857f5\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12967\"\u003e#12967\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12972\"\u003e#12972\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/vuejs/vue/compare/v2.7.14...v2.7.15\"\u003e2.7.15\u003c/a\u003e (2023-10-23)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecompiler-sfc:\u003c/strong\u003e add semicolon after \u003ccode\u003edefineProps\u003c/code\u003e statement (\u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12879\"\u003e#12879\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue/commit/51fef2ca69459c1175e105991f60511f1996e0c8\"\u003e51fef2c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecompiler-sfc:\u003c/strong\u003e fix macro usage in multi-variable declaration (\u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12873\"\u003e#12873\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue/commit/d27c128b7cb1640f3aa185a5ecdea4ff35763794\"\u003ed27c128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecompiler-sfc:\u003c/strong\u003e Optimize the value of emitIdentifier (\u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12851\"\u003e#12851\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue/commit/bb59751dd4e45afcaafd607f22505a724b1ef841\"\u003ebb59751\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecompiler-sfc:\u003c/strong\u003e Resolve object expression parsing errors in \u003ccode\u003ev-on\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/vuejs/vue/issues/12862\"\u003e#12862\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue/commit/b8c8b3fc7a211744fdabd237a1a986a1f80b7c43\"\u003eb8c8b3f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elifecycle:\u003c/strong\u003e scope might changed when call hook (\u003ca href=\"https://redirect.github.com/vuejs/vue/issues/13070\"\u003e#13070\u003c/a\u003e) (\u003ca href=\"https://github.com/vuejs/vue/commit/74ca5a13ba12a31580f1567e7c6d789e96730e46\"\u003e74ca5a1\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/vue/commit/13f4e7dc03e2caed900ac70ff8b8fe58dda45663\"\u003e\u003ccode\u003e13f4e7d\u003c/code\u003e\u003c/a\u003e release: v2.7.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/vue/commit/56ce7f8c573116ed6683149206cf35c987249d42\"\u003e\u003ccode\u003e56ce7f8\u003c/code\u003e\u003c/a\u003e fix(lifecycle): esnure component effect scopes are disconnected\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/vue/commit/305e4ae9dce0a05a422b675ff555f17878e86063\"\u003e\u003ccode\u003e305e4ae\u003c/code\u003e\u003c/a\u003e release: v2.7.16-beta.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/vue/commit/3e1037e4a0317fe78ae022e789afbbc9453b15eb\"\u003e\u003ccode\u003e3e1037e\u003c/code\u003e\u003c/a\u003e chore: bump vitest to 1.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/vue/commit/db9c566032da0ec5cd758a3e8525e9733874c1e5\"\u003e\u003ccode\u003edb9c566\u003c/code\u003e\u003c/a\u003e fix: account for nested render calls\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/vue/commit/895669ffa01f8075a326308caa8ad6a5f69a1919\"\u003e\u003ccode\u003e895669f\u003c/code\u003e\u003c/a\u003e fix(types): export more types for v3 alignment (jsx / component options)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/vue/commit/73bdf14ef5c9979dcba18ede3410515cecbe2f2f\"\u003e\u003ccode\u003e73bdf14\u003c/code\u003e\u003c/a\u003e release: v2.7.16-beta.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/vue/commit/e0747f40a879b4000a1959d21377b51d1f1ed988\"\u003e\u003ccode\u003ee0747f4\u003c/code\u003e\u003c/a\u003e fix(keep-alive): fix memory leak without breaking transition tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/vue/commit/2632249925e632e56f6dfc8fdbcf682c82e4081b\"\u003e\u003ccode\u003e2632249\u003c/code\u003e\u003c/a\u003e fix(keep-alive): fix keep-alive memory leak\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vuejs/vue/commit/3650c12f7d3a20f3155bc1fd2b068e84289e0d33\"\u003e\u003ccode\u003e3650c12\u003c/code\u003e\u003c/a\u003e fix(types): provide types for built-in components\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vuejs/vue/compare/v2.2.1...v2.7.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.3.11 to 8.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003ePostCSS 8.5 brought API to work better with non-CSS sources like HTML, Vue.js/Svelte sources or CSS-in-JS.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e during \u003ca href=\"https://redirect.github.com/postcss/postcss/issues/1995\"\u003ehis work\u003c/a\u003e on \u003ca href=\"https://stylelint.io\"\u003eStylelint\u003c/a\u003e added \u003ccode\u003eInput#document\u003c/code\u003e in additional to \u003ccode\u003eInput#css\u003c/code\u003e.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eroot.source.input.document //=\u0026gt; \u0026quot;\u0026lt;p\u0026gt;Hello\u0026lt;/p\u0026gt;\r\n                           //    \u0026lt;style\u0026gt;\r\n                           //    p {\r\n                           //      color: green;\r\n                           //    }\r\n                           //    \u0026lt;/style\u0026gt;\u0026quot;\r\nroot.source.input.css      //=\u0026gt; \u0026quot;p {\r\n                           //      color: green;\r\n                           //    }\u0026quot;\r\n\u003cp\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eInput#document\u003c/code\u003e for sources like CSS-in-JS or HTML (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.4.49\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax without \u003ccode\u003esource.offset\u003c/code\u003e (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/33b9790263dc1562a46ce45d9532bd63e95b7986\"\u003e\u003ccode\u003e33b9790\u003c/code\u003e\u003c/a\u003e Release 8.5.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/536c79e4b01e58a3a56b09c3c0cf2323f4b9a28b\"\u003e\u003ccode\u003e536c79e\u003c/code\u003e\u003c/a\u003e Escape \u0026lt;/style\u0026gt; in CSS output (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2074\"\u003e#2074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/afa96b2a139ce625c4d27973313479c7c85f39d4\"\u003e\u003ccode\u003eafa96b2\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2073\"\u003e#2073\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/effe88bb87cabdc1876e02adbdd30f392f19f40d\"\u003e\u003ccode\u003eeffe88b\u003c/code\u003e\u003c/a\u003e Typo (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2072\"\u003e#2072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/3ee79a2c4a11e41d52db50b444eebe38299495ad\"\u003e\u003ccode\u003e3ee79a2\u003c/code\u003e\u003c/a\u003e Thread model (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/2e0683daca4dc2919211b03774f6b2d137136c01\"\u003e\u003ccode\u003e2e0683d\u003c/code\u003e\u003c/a\u003e Create incident response docs (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/fe88ac29c06b7b218be32994cdc6ca1525bdf2c9\"\u003e\u003ccode\u003efe88ac2\u003c/code\u003e\u003c/a\u003e Release 8.5.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/c551632496b87ab3f1965bfda5dc386b6c71963e\"\u003e\u003ccode\u003ec551632\u003c/code\u003e\u003c/a\u003e Avoid RegExp when we can use simple JS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/89a6b744060eb8dee743351c785a9fbe37d4525a\"\u003e\u003ccode\u003e89a6b74\u003c/code\u003e\u003c/a\u003e Move SECURITY.txt for docs folder to keep GitHub page cleaner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/6ceb8a46af9f9de821faee98f861bdf84617347b\"\u003e\u003ccode\u003e6ceb8a4\u003c/code\u003e\u003c/a\u003e Create SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.3.11...8.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.13.8 to 7.29.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17782\"\u003e#17782\u003c/a\u003e Improve trailing comma comment handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:memo: Documentation\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17847\"\u003e#17847\u003c/a\u003e Replace npmjs.com links with npmx.dev (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-import-to-platform-api\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-modules\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17818\"\u003e#17818\u003c/a\u003e Load async Wasm and JSON imports in parallel (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 4\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBabel Bot (\u003ca href=\"https://github.com/babel-bot\"\u003e\u003ccode\u003e@​babel-bot\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.2 (2026-03-16)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17840\"\u003e#17840\u003c/a\u003e [7.x backport] async x =\u0026gt; {} must be in leading pos (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helpers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17805\"\u003e#17805\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/cd24cc07ef6558b7f6510f9177f6393c91b0549f\"\u003e\u003ccode\u003ecd24cc0\u003c/code\u003e\u003c/a\u003e chore: Update TS 5.7 (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17053\"\u003e#17053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.4/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.14.2 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/traverse's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ansi-regex` from 4.1.0 to 5.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/chalk/ansi-regex/releases\"\u003eansi-regex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch3\u003eFixes (backport of \u003ccode\u003e6.0.1\u003c/code\u003e to v5)\u003c/h3\u003e\n\u003cp\u003eThis is a backport of the \u003cstrong\u003eminor\u003c/strong\u003e ReDos vulnerability in \u003ccode\u003eansi-regex@\u0026lt;6.0.1\u003c/code\u003e, as requested in \u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/38\"\u003e#38\u003c/a\u003e.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://en.wikipedia.org/wiki/ReDoS\"\u003eReDoS\u003c/a\u003e in certain cases (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/37\"\u003e#37\u003c/a\u003e)\nYou are only really affected if you run the regex on untrusted user input in a server context, which it's very unlikely anyone is doing, since this regex is mainly used in command-line tools.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3807\"\u003eCVE-2021-3807\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/compare/v5.0.0..v5.0.1\"\u003ehttps://github.com/chalk/ansi-regex/compare/v5.0.0..v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThank you \u003ca href=\"https://github.com/yetingli\"\u003e\u003ccode\u003e@​yetingli\u003c/code\u003e\u003c/a\u003e for the patch and reproduction case!\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch3\u003eBreaking\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRequire Node.js 8  166a0d5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TypeScript definition (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/32\"\u003e#32\u003c/a\u003e)  e77ea17\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/compare/v4.1.0...v5.0.0\"\u003ehttps://github.com/chalk/ansi-regex/compare/v4.1.0...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/a9babce885cf19c363cf1d1c645f834592c3f7a4\"\u003e\u003ccode\u003ea9babce\u003c/code\u003e\u003c/a\u003e 5.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/4657833b3419f381c8ef4eb5787e71c5206b1b35\"\u003e\u003ccode\u003e4657833\u003c/code\u003e\u003c/a\u003e fix incorrect format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/c3c0b3f2736b9c01feec0fef33980c43720dcde8\"\u003e\u003ccode\u003ec3c0b3f\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/37\"\u003e#37\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/178363b3a297b712a0054e702d8ddde3879913e5\"\u003e\u003ccode\u003e178363b\u003c/code\u003e\u003c/a\u003e Move to GitHub Actions (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/35\"\u003e#35\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/0755e661553387cfebcb62378181e9f55b2567ff\"\u003e\u003ccode\u003e0755e66\u003c/code\u003e\u003c/a\u003e Add \u003ca href=\"https://github.com/Qix\"\u003e\u003ccode\u003e@​Qix\u003c/code\u003e\u003c/a\u003e- to funding.yml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/2b56fb0c7a07108e5b54241e8faec160d393aedb\"\u003e\u003ccode\u003e2b56fb0\u003c/code\u003e\u003c/a\u003e 5.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/f26f7fe2287b44d3092c75a8dc3f7722282773d0\"\u003e\u003ccode\u003ef26f7fe\u003c/code\u003e\u003c/a\u003e Meta tweaks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/e77ea173f2e2b3f8bee370bf4cc4d29820783daf\"\u003e\u003ccode\u003ee77ea17\u003c/code\u003e\u003c/a\u003e Add TypeScript definition (\u003ca href=\"https://redirect.github.com/chalk/ansi-regex/issues/32\"\u003e#32\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/166a0d5eddedacf0db7ccd7ee137b862ab1dae70\"\u003e\u003ccode\u003e166a0d5\u003c/code\u003e\u003c/a\u003e Require Node.js 8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chalk/ansi-regex/commit/f115fca8a0d1bd7be0af5efa6b6ade54e7145207\"\u003e\u003ccode\u003ef115fca\u003c/code\u003e\u003c/a\u003e Tidelift tasks\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/chalk/ansi-regex/compare/v4.1.0...v5.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `async` from 2.6.3 to 2.6.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md\"\u003easync's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev2.6.4\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix potential prototype pollution exploit (\u003ca href=\"https://redirect.github.com/caolan/async/issues/1828\"\u003e#1828\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/caolan/async/commit/c6bdaca4f9175c14fc655d3783c6af6a883e6514\"\u003e\u003ccode\u003ec6bdaca\u003c/code\u003e\u003c/a\u003e Version 2.6.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/caolan/async/commit/8870da9d5022bab310413041b4079e10db3980b7\"\u003e\u003ccode\u003e8870da9\u003c/code\u003e\u003c/a\u003e Update built files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/caolan/async/commit/4df6754ef4e96a742956df8782fee27242a2ea12\"\u003e\u003ccode\u003e4df6754\u003c/code\u003e\u003c/a\u003e update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/caolan/async/commit/8f7f90342a6571ba1c197d747ebed30c368096d2\"\u003e\u003ccode\u003e8f7f903\u003c/code\u003e\u003c/a\u003e Fix prototype pollution vulnerability (\u003ca href=\"https://redirect.github.com/caolan/async/issues/1828\"\u003e#1828\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/caolan/async/compare/v2.6.3...v2.6.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~hargasinski\"\u003ehargasinski\u003c/a\u003e, a new releaser for async since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `json5` from 1.0.1 to 2.2.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/json5/json5/releases\"\u003ejson5's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.2.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/299\"\u003e#299\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Properties with the name \u003ccode\u003e__proto__\u003c/code\u003e are added to objects and arrays.\n(\u003ca href=\"https://redirect.github.com/json5/json5/issues/199\"\u003e#199\u003c/a\u003e) This also fixes a prototype pollution vulnerability reported by\nJonathan Gregson! (\u003ca href=\"https://redirect.github.com/json5/json5/issues/295\"\u003e#295\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Removed dependence on minimist to patch CVE-2021-44906. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Accurate and documented TypeScript declarations are now included. There is no need to install \u003ccode\u003e@types/json5\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/236\"\u003e#236\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/json5/json5/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.1.3 [\u003ca href=\"https://github.com/json5/json5/tree/v2.1.3\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.1.2...v2.1.3\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix: An out of memory bug when parsing numbers has been fixed. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/228\"\u003e#228\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/json5/json5/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Bump \u003ccode\u003eminimist\u003c/code\u003e to \u003ccode\u003ev1.2.5\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/222\"\u003e#222\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: \u003ccode\u003epackage.json\u003c/code\u003e and \u003ccode\u003epackage.json5\u003c/code\u003e include a \u003ccode\u003emodule\u003c/code\u003e property so\nbundlers like webpack, rollup and parcel can take advantage of the ES Module\nbuild. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/208\"\u003e#208\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: \u003ccode\u003estringify\u003c/code\u003e outputs \u003ccode\u003e\\0\u003c/code\u003e as \u003ccode\u003e\\\\x00\u003c/code\u003e when followed by a digit. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix: Spelling mistakes have been fixed. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/196\"\u003e#196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew: The \u003ccode\u003eindex.mjs\u003c/code\u003e and \u003ccode\u003eindex.min.mjs\u003c/code\u003e browser builds in the \u003ccode\u003edist\u003c/code\u003e directory support ES6 modules. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/187\"\u003e#187\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: The browser builds in the \u003ccode\u003edist\u003c/code\u003e directory support ES5. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/182\"\u003e#182\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eMajor\u003c/strong\u003e: JSON5 officially supports Node.js v6 and later. Support for Node.js\nv4 has been dropped. Since Node.js v6 supports ES5 features, the code has been\nrewritten in native ES5, and the dependence on Babel has been eliminated.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNew: Support for Unicode 10 has been added.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNew: The test framework has been migrated from Mocha to Tap.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNew: The browser build at \u003ccode\u003edist/index.js\u003c/code\u003e is no longer minified by default. A\nminified version is available at \u003ccode\u003edist/index.min.js\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/181\"\u003e#181\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: The warning has been made clearer when line and paragraph separators are\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/json5/json5/blob/main/CHANGELOG.md\"\u003ejson5's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003ev2.2.3 [\u003ca href=\"https://github.com/json5/json5/tree/v2.2.3\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.2.2...v2.2.3\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix: json5@2.2.3 is now the 'latest' release according to npm instead of\nv1.0.2. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/299\"\u003e#299\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.2.2 [\u003ca href=\"https://github.com/json5/json5/tree/v2.2.2\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.2.1...v2.2.2\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Properties with the name \u003ccode\u003e__proto__\u003c/code\u003e are added to objects and arrays.\n(\u003ca href=\"https://redirect.github.com/json5/json5/issues/199\"\u003e#199\u003c/a\u003e) This also fixes a prototype pollution vulnerability reported by\nJonathan Gregson! (\u003ca href=\"https://redirect.github.com/json5/json5/issues/295\"\u003e#295\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.2.1 [\u003ca href=\"https://github.com/json5/json5/tree/v2.2.1\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.2.0...v2.2.1\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Removed dependence on minimist to patch CVE-2021-44906. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.2.0 [\u003ca href=\"https://github.com/json5/json5/tree/v2.2.0\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.1.3...v2.2.0\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eNew: Accurate and documented TypeScript declarations are now included. There\nis no need to install \u003ccode\u003e@types/json5\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/236\"\u003e#236\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/json5/json5/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.1.3 [\u003ca href=\"https://github.com/json5/json5/tree/v2.1.3\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.1.2...v2.1.3\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix: An out of memory bug when parsing numbers has been fixed. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/228\"\u003e#228\u003c/a\u003e,\n\u003ca href=\"https://redirect.github.com/json5/json5/issues/229\"\u003e#229\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.1.2 [\u003ca href=\"https://github.com/json5/json5/tree/v2.1.2\"\u003ecode\u003c/a\u003e, \u003ca href=\"https://github.com/json5/json5/compare/v2.1.1...v2.1.2\"\u003ediff\u003c/a\u003e]\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Bump \u003ccode\u003eminimist\u003c/code\u003e to \u003ccode\u003ev1.2.5\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/json5/json5/issues/222\"\u003e#222\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev2.1.1 [\u003ca href=\"https://github.com/json5/json5/tree/v2.1.1\"\u003ecode\u003c/a\u003e, [diff][d2.1.1]]\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/c3a75242772a5026a49c4017a16d9b3543b62776\"\u003e\u003ccode\u003ec3a7524\u003c/code\u003e\u003c/a\u003e 2.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/94fd06d82eeed225fa172f6fb2ca27375cbd2e39\"\u003e\u003ccode\u003e94fd06d\u003c/code\u003e\u003c/a\u003e docs: update CHANGELOG for v2.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/3b8cebf0c474a8b20c78bd75c89cca0c4dce84ce\"\u003e\u003ccode\u003e3b8cebf\u003c/code\u003e\u003c/a\u003e docs(security): use GitHub security advisories\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/f0fd9e194dde282caff114a110f4fac635f3a62c\"\u003e\u003ccode\u003ef0fd9e1\u003c/code\u003e\u003c/a\u003e docs: publish a security policy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/6a91a05fffeda16ff6b3b5008b6b340d42d31ec0\"\u003e\u003ccode\u003e6a91a05\u003c/code\u003e\u003c/a\u003e docs(template): bug -\u0026gt; bug report\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/14f8cb186e8abdfaccf6527171da7b1224374650\"\u003e\u003ccode\u003e14f8cb1\u003c/code\u003e\u003c/a\u003e 2.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/10cc7ca9169b59c5e0f5afc03dbd870cd06bcc46\"\u003e\u003ccode\u003e10cc7ca\u003c/code\u003e\u003c/a\u003e docs: update CHANGELOG for v2.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/7774c1097993bc3ce9f0ac4b722a32bf7d6871c8\"\u003e\u003ccode\u003e7774c10\u003c/code\u003e\u003c/a\u003e fix: add \u003cstrong\u003eproto\u003c/strong\u003e to objects and arrays\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/edde30abd8b22facf2c06c72586b9f6edf12700d\"\u003e\u003ccode\u003eedde30a\u003c/code\u003e\u003c/a\u003e Readme: slight tweak to intro\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/json5/json5/commit/97286f8bd542c89dcee096bc05dd28ed2dfc1e16\"\u003e\u003ccode\u003e97286f8\u003c/code\u003e\u003c/a\u003e Improve example in readme\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/json5/json5/compare/v1.0.1...v2.2.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `loader-utils` from 2.0.0 to 2.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/loader-utils/releases\"\u003eloader-utils's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.4\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.3...v2.0.4\"\u003e2.0.4\u003c/a\u003e (2022-11-11)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDoS problem (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/225\"\u003e#225\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/ac09944dfacd7c4497ef692894b09e63e09a5eeb\"\u003eac09944\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.0.3\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.1...v2.0.3\"\u003e2.0.3\u003c/a\u003e (2022-10-20)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esecurity:\u003c/strong\u003e prototype pollution exploit (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/217\"\u003e#217\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/a93cf6f4702012030f6b5ee8340d5c95ec1c7d4c\"\u003ea93cf6f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.0.2\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.1...v2.0.2\"\u003e2.0.2\u003c/a\u003e (2021-11-04)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebase64 generation and unicode characters (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/197\"\u003e#197\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/8c2d24ee400bc4567335e97ee6004c3baa6ef66f\"\u003e8c2d24e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.0.1\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.0...v2.0.1\"\u003e2.0.1\u003c/a\u003e (2021-10-29)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emd4 support on Node.js v17 (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/193\"\u003e#193\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/1069f61284a571614ee4acdde6e6087174be118a\"\u003e1069f61\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/loader-utils/blob/v2.0.4/CHANGELOG.md\"\u003eloader-utils's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.3...v2.0.4\"\u003e2.0.4\u003c/a\u003e (2022-11-11)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDoS problem (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/225\"\u003e#225\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/ac09944dfacd7c4497ef692894b09e63e09a5eeb\"\u003eac09944\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.1...v2.0.3\"\u003e2.0.3\u003c/a\u003e (2022-10-20)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esecurity:\u003c/strong\u003e prototype pollution exploit (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/217\"\u003e#217\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/a93cf6f4702012030f6b5ee8340d5c95ec1c7d4c\"\u003ea93cf6f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.1...v2.0.2\"\u003e2.0.2\u003c/a\u003e (2021-11-04)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebase64 generation and unicode characters (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/197\"\u003e#197\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/8c2d24ee400bc4567335e97ee6004c3baa6ef66f\"\u003e8c2d24e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.0...v2.0.1\"\u003e2.0.1\u003c/a\u003e (2021-10-29)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emd4 support on Node.js v17 (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/193\"\u003e#193\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/1069f61284a571614ee4acdde6e6087174be118a\"\u003e1069f61\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/loader-utils/commit/6688b5028106f144ee9f543bebc8e6a87b57829f\"\u003e\u003ccode\u003e6688b50\u003c/code\u003e\u003c/a\u003e chore(release): 2.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/loader-utils/commit/ac09944dfacd7c4497ef692894b09e63e09a5eeb\"\u003e\u003ccode\u003eac09944\u003c/code\u003e\u003c/a\u003e fix: ReDoS problem (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/225\"\u003e#225\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/loader-utils/commit/7162619fb982c394ed75098a0a0ed7e7f3177c70\"\u003e\u003ccode\u003e7162619\u003c/code\u003e\u003c/a\u003e chore(release): 2.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/loader-utils/commit/a93cf6f4702012030f6b5ee8340d5c95ec1c7d4c\"\u003e\u003ccode\u003ea93cf6f\u003c/code\u003e\u003c/a\u003e fix(security): prototype polution exploit (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/217\"\u003e#217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/loader-utils/commit/90c7c4be17e3e0b2f6091a69c67db7a6df9fd044\"\u003e\u003ccode\u003e90c7c4b\u003c/code\u003e\u003c/a\u003e chore(release): 2.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/loader-utils/commit/8c2d24ee400bc4567335e97ee6004c3baa6ef66f\"\u003e\u003ccode\u003e8c2d24e\u003c/code\u003e\u003c/a\u003e fix: base64 generation and unicode characters (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/197\"\u003e#197\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/loader-utils/commit/5fb556208426d281a18dfbf6f45dca24bfb24e96\"\u003e\u003ccode\u003e5fb5562\u003c/code\u003e\u003c/a\u003e chore(release): 2.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/webpack/loader-utils/commit/1069f61284a571614ee4acdde6e6087174be118a\"\u003e\u003ccode\u003e1069f61\u003c/code\u003e\u003c/a\u003e fix: md4 support on Node.js v17 (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/193\"\u003e#193\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.0...v2.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `loader-utils` from 1.4.0 to 1.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/loader-utils/releases\"\u003eloader-utils's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.4\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.3...v2.0.4\"\u003e2.0.4\u003c/a\u003e (2022-11-11)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReDoS problem (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/225\"\u003e#225\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/ac09944dfacd7c4497ef692894b09e63e09a5eeb\"\u003eac09944\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.0.3\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.1...v2.0.3\"\u003e2.0.3\u003c/a\u003e (2022-10-20)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esecurity:\u003c/strong\u003e prototype pollution exploit (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/217\"\u003e#217\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/a93cf6f4702012030f6b5ee8340d5c95ec1c7d4c\"\u003ea93cf6f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.0.2\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.1...v2.0.2\"\u003e2.0.2\u003c/a\u003e (2021-11-04)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebase64 generation and unicode characters (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/197\"\u003e#197\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/8c2d24ee400bc4567335e97ee6004c3baa6ef66f\"\u003e8c2d24e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.0.1\u003c/h2\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/webpack/loader-utils/compare/v2.0.0...v2.0.1\"\u003e2.0.1\u003c/a\u003e (2021-10-29)\u003c/h3\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003emd4 support on Node.js v17 (\u003ca href=\"https://redirect.github.com/webpack/loader-utils/issues/193\"\u003e#193\u003c/a\u003e) (\u003ca href=\"https://github.com/webpack/loader-utils/commit/1069f61284a571614ee4acdde6e6087174be118a\"\u003e1069f61\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/webpack/loa...\n\n_Description has been truncated_","html_url":"https://github.com/mohammadnajjar/firstwp/pull/17","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mohammadnajjar%2Ffirstwp/issues/17","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/17/packages"}},{"old_version":"1.0.4","new_version":"1.0.7","update_type":"patch","path":null,"pr_created_at":"2026-05-16T07:44:53.000Z","version_change":"1.0.4 → 1.0.7","issue":{"uuid":"4459153677","node_id":"PR_kwDOPthl1s7cLPqW","number":21,"state":"closed","title":"Bump the npm_and_yarn group across 2 directories with 22 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-17T05:59:11.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-16T07:44:53.000Z","updated_at":"2026-05-17T05:59:13.000Z","time_to_close":80058,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":22,"packages":[{"name":"bootstrap","old_version":"3.4.1","new_version":"5.0.0","repository_url":"https://github.com/twbs/bootstrap"},{"name":"datatables.net","old_version":"1.10.19","new_version":"1.13.11","repository_url":"https://github.com/DataTables/Dist-DataTables"},{"name":"jquery","old_version":"3.3.1","new_version":"3.7.1","repository_url":"https://github.com/jquery/jquery"},{"name":"jquery-ui","old_version":"1.12.1","new_version":"1.13.2","repository_url":"https://github.com/jquery/jquery-ui"},{"name":"moment","old_version":"2.24.0","new_version":"2.30.1","repository_url":"https://github.com/moment/moment"},{"name":"select2","old_version":"4.0.5","new_version":"4.0.6","repository_url":"https://github.com/select2/select2"},{"name":"grunt","old_version":"0.4.5","new_version":"1.6.2","repository_url":"https://github.com/gruntjs/grunt"},{"name":"ajv","old_version":"4.11.8","new_version":"removed","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"bn.js","old_version":"4.11.8","new_version":"4.12.3","repository_url":"https://github.com/indutny/bn.js"},{"name":"brace-expansion","old_version":"1.1.8","new_version":"1.1.14","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"browserify-sign","old_version":"4.0.4","new_version":"4.2.5","repository_url":"https://github.com/crypto-browserify/browserify-sign"},{"name":"cached-path-relative","old_version":"1.0.1","new_version":"1.1.0","repository_url":"https://github.com/ashaffer/cached-path-relative"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"i","old_version":"0.3.6","new_version":"0.3.7","repository_url":"https://github.com/pksunkara/inflect"},{"name":"minimist","old_version":"1.2.0","new_version":"1.2.8","repository_url":"https://github.com/minimistjs/minimist"},{"name":"shelljs","old_version":"0.3.0","new_version":"removed","repository_url":"https://github.com/shelljs/shelljs"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 16 updates in the /back directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [bootstrap](https://github.com/twbs/bootstrap) | `3.4.1` | `5.0.0` |\n| [datatables.net](https://github.com/DataTables/Dist-DataTables) | `1.10.19` | `1.13.11` |\n| [jquery](https://github.com/jquery/jquery) | `3.3.1` | `3.7.1` |\n| [jquery-ui](https://github.com/jquery/jquery-ui) | `1.12.1` | `1.13.2` |\n| [moment](https://github.com/moment/moment) | `2.24.0` | `2.30.1` |\n| [select2](https://github.com/select2/select2) | `4.0.5` | `4.0.6` |\n| [grunt](https://github.com/gruntjs/grunt) | `0.4.5` | `1.6.2` |\n| [ajv](https://github.com/ajv-validator/ajv) | `4.11.8` | `removed` |\n| [bn.js](https://github.com/indutny/bn.js) | `4.11.8` | `4.12.3` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.8` | `1.1.14` |\n| [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.5` |\n| [cached-path-relative](https://github.com/ashaffer/cached-path-relative) | `1.0.1` | `1.1.0` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [i](https://github.com/pksunkara/inflect) | `0.3.6` | `0.3.7` |\n| [minimist](https://github.com/minimistjs/minimist) | `1.2.0` | `1.2.8` |\n| [shelljs](https://github.com/shelljs/shelljs) | `0.3.0` | `removed` |\n\nBumps the npm_and_yarn group with 1 update in the /casino directory: [axios](https://github.com/axios/axios).\n\nUpdates `bootstrap` from 3.4.1 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/twbs/bootstrap/releases\"\u003ebootstrap's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eHighlights\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32155\"\u003e#32155\u003c/a\u003e: Updated \u003ccode\u003emake-col()\u003c/code\u003e mixin to generate equal columns when no size is specified\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32763\"\u003e#32763\u003c/a\u003e: Added new \u003ccode\u003ecolor-scheme()\u003c/code\u003e mixin\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33389\"\u003e#33389\u003c/a\u003e: Dropdown menus now have option become clickable\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33453\"\u003e#33453\u003c/a\u003e: Added new docs footer\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33548\"\u003e#33548\u003c/a\u003e: Offcanvas header components are now vertically aligned\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33549\"\u003e#33549\u003c/a\u003e: Added offcanvas-top modifier\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33634\"\u003e#33634\u003c/a\u003e: Added support for \u003ccode\u003e.dropdown-item\u003c/code\u003es wrapped in \u003ccode\u003e\u0026lt;li\u0026gt;\u003c/code\u003es\n\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33626\"\u003e#33626\u003c/a\u003e: Fix v5 regressions in tab dropdown functionality\u003c/p\u003e\n\u003ch2\u003e🚀 Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32763\"\u003e#32763\u003c/a\u003e: Add \u003ccode\u003ecolor-scheme\u003c/code\u003e mixin\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33389\"\u003e#33389\u003c/a\u003e: Dropdown — Add option to make the dropdown menu clickable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33549\"\u003e#33549\u003c/a\u003e: Add offcanvas-top modifier\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🎨 CSS\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32155\"\u003e#32155\u003c/a\u003e: Add equal column mixin\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32763\"\u003e#32763\u003c/a\u003e: Add \u003ccode\u003ecolor-scheme\u003c/code\u003e mixin\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33292\"\u003e#33292\u003c/a\u003e: Make accordion icon rotation more natural\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33411\"\u003e#33411\u003c/a\u003e: Fix validation feedback icon in select multiple\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33478\"\u003e#33478\u003c/a\u003e: Make \u003ccode\u003e.nav-link\u003c/code\u003e color consistent when using buttons\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33482\"\u003e#33482\u003c/a\u003e: Dropdown — Apply positioning only when Popper is not used\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33548\"\u003e#33548\u003c/a\u003e: Vertically align offcanvas header components\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33549\"\u003e#33549\u003c/a\u003e: Add offcanvas-top modifier\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33550\"\u003e#33550\u003c/a\u003e: Spinner alignment changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33598\"\u003e#33598\u003c/a\u003e: Hide validation icons from multiple selects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33600\"\u003e#33600\u003c/a\u003e: Have $form-check-input-border's default derive from $black\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33607\"\u003e#33607\u003c/a\u003e: Reduce color-scheme complexity\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33642\"\u003e#33642\u003c/a\u003e: use \u003ccode\u003e:read-only\u003c/code\u003e css selector instead \u003ccode\u003e[readonly]\u003c/code\u003e for consistency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33658\"\u003e#33658\u003c/a\u003e: fix: use list-group variable instead of alert\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33736\"\u003e#33736\u003c/a\u003e: accordion: fix \u003ccode\u003eborder-top\u003c/code\u003e on Firefox\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e☕️ JavaScript\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/32439\"\u003e#32439\u003c/a\u003e: Decouple BackDrop from modal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33245\"\u003e#33245\u003c/a\u003e: Decouple Modal's scrollbar functionality\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33249\"\u003e#33249\u003c/a\u003e: Simplify Modal Config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33250\"\u003e#33250\u003c/a\u003e: Simplify ScrollSpy config\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33310\"\u003e#33310\u003c/a\u003e: fix: make EventHandler better handle mouseenter/mouseleave events\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33389\"\u003e#33389\u003c/a\u003e: Dropdown — Add option to make the dropdown menu clickable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33429\"\u003e#33429\u003c/a\u003e: Remove element event listeners through base component\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33451\"\u003e#33451\u003c/a\u003e: Add missing things in \u003ccode\u003ehide\u003c/code\u003e method of dropdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33456\"\u003e#33456\u003c/a\u003e: Use our \u003ccode\u003eisDisabled\u003c/code\u003e util on dropdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33466\"\u003e#33466\u003c/a\u003e: Refactor dropdown's hide functionality\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33479\"\u003e#33479\u003c/a\u003e: Fix dropdown escape propagation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33496\"\u003e#33496\u003c/a\u003e:  Use cached \u003ccode\u003enoop\u003c/code\u003e function\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/bf0936748602c8109fd916c64b4560799fa1c3f8\"\u003e\u003ccode\u003ebf09367\u003c/code\u003e\u003c/a\u003e Release v5.0.0 (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33647\"\u003e#33647\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/48ae5a7149d30d7d80cecbaaabaa88f7679c9172\"\u003e\u003ccode\u003e48ae5a7\u003c/code\u003e\u003c/a\u003e Rewrite migration guide (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33834\"\u003e#33834\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/f0865727b7d5f274a818510219e024d227affe11\"\u003e\u003ccode\u003ef086572\u003c/code\u003e\u003c/a\u003e refactor(docs): Added form file input variables (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33833\"\u003e#33833\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/1a54286befabfb8c18de420df4d7074ab7eb77b3\"\u003e\u003ccode\u003e1a54286\u003c/code\u003e\u003c/a\u003e Fix doc typo and Bootstrap Icons link (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33832\"\u003e#33832\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/e2df73fa9a2062ed5489a1bd80b9d0ddbf211a53\"\u003e\u003ccode\u003ee2df73f\u003c/code\u003e\u003c/a\u003e Update migration guide for some v5 changes (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33829\"\u003e#33829\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/1e6356ab43df6ca3e0c05499a4d690235fbd6fc7\"\u003e\u003ccode\u003e1e6356a\u003c/code\u003e\u003c/a\u003e Neutralise more words from placeholder text (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33731\"\u003e#33731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/6633845901672cb642c0975e6fea3d1a1fa20058\"\u003e\u003ccode\u003e6633845\u003c/code\u003e\u003c/a\u003e Bump eslint-config-xo from 0.35.0 to 0.36.0 (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33646\"\u003e#33646\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/cb38744cf79b347ec2a32e0dcfe5c42402dc15ea\"\u003e\u003ccode\u003ecb38744\u003c/code\u003e\u003c/a\u003e Tweak toast docs (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33810\"\u003e#33810\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/c2ff22532e9f05d98b8db7c0b179d252387e77a3\"\u003e\u003ccode\u003ec2ff225\u003c/code\u003e\u003c/a\u003e Bump rollup from 2.46.0 to 2.47.0 (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33818\"\u003e#33818\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twbs/bootstrap/commit/c090ea2f4fbdc12e37def7c3bf9eb4c96c804d34\"\u003e\u003ccode\u003ec090ea2\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​babel/preset-env\u003c/code\u003e from 7.14.0 to 7.14.1 (\u003ca href=\"https://redirect.github.com/twbs/bootstrap/issues/33819\"\u003e#33819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/twbs/bootstrap/compare/v3.4.1...v5.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~mdo\"\u003emdo\u003c/a\u003e, a new releaser for bootstrap since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `datatables.net` from 1.10.19 to 1.13.11\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/DataTables/Dist-DataTables/releases\"\u003edatatables.net's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.13.11\u003c/h2\u003e\n\u003cp\u003eDataTables 1.13.11\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataTables/Dist-DataTables/commit/020e067bbb70a82b03b61fdd3a3a6568bf47e15f\"\u003e\u003ccode\u003e020e067\u003c/code\u003e\u003c/a\u003e Release 1.13.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataTables/Dist-DataTables/commit/92d424dce447f22d39c0c901da2ff9f98d626bbb\"\u003e\u003ccode\u003e92d424d\u003c/code\u003e\u003c/a\u003e Release 1.13.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataTables/Dist-DataTables/commit/b2e9e8916b256f6b9f63f3babe5fd396c3ebd0c5\"\u003e\u003ccode\u003eb2e9e89\u003c/code\u003e\u003c/a\u003e 1.13.9 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataTables/Dist-DataTables/commit/b0cabc22f532c444b3ae18af10d90253a3c24a4b\"\u003e\u003ccode\u003eb0cabc2\u003c/code\u003e\u003c/a\u003e Release 1.13.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataTables/Dist-DataTables/commit/08c656b6a1f773fba9c0df444f967c3ad7bf0d8c\"\u003e\u003ccode\u003e08c656b\u003c/code\u003e\u003c/a\u003e Sync tag release - 1.13.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataTables/Dist-DataTables/commit/8535cbabb9d8aaf66972cb9cf0a199b8a2899979\"\u003e\u003ccode\u003e8535cba\u003c/code\u003e\u003c/a\u003e d465757b36e0237b93a1fce05d553a3bb9ecd946 Dev: A little code golf to reduce size\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataTables/Dist-DataTables/commit/09717cbadab354e0828d2d27bfe5c9c7e6dcea98\"\u003e\u003ccode\u003e09717cb\u003c/code\u003e\u003c/a\u003e 7521d6f2bd98de2cde2e82dff82230c180eee722 Fix: Don't check colspan of child ro...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataTables/Dist-DataTables/commit/16f4ccdf59604a3af0317f6430fd7167668acb9d\"\u003e\u003ccode\u003e16f4ccd\u003c/code\u003e\u003c/a\u003e 65c066c0f88839109f60aceb2de8482a48bd80d4 Fix: CommonJS loader, when there is ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataTables/Dist-DataTables/commit/7f15d78192f19e523103eba5ece12a4aee9d8368\"\u003e\u003ccode\u003e7f15d78\u003c/code\u003e\u003c/a\u003e Sync tag release - 1.13.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DataTables/Dist-DataTables/commit/5c93272b1b08fa63a613ca8be7684bfcfd7b7653\"\u003e\u003ccode\u003e5c93272\u003c/code\u003e\u003c/a\u003e 4b83774b58ed7c423c18356e1df0963513df6f2f Release 1.13.7\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/DataTables/Dist-DataTables/compare/1.10.19...1.13.11\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jquery` from 3.3.1 to 3.7.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jquery/jquery/releases\"\u003ejquery's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ejQuery 3.7.1 Released: Reliable Table Row Dimensions\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://blog.jquery.com/2023/08/28/jquery-3-7-1-released-reliable-table-row-dimensions/\"\u003ehttps://blog.jquery.com/2023/08/28/jquery-3-7-1-released-reliable-table-row-dimensions/\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ejQuery 3.7.0: Staying in Order\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://blog.jquery.com/2023/05/11/jquery-3-7-0-released-staying-in-order/\"\u003ehttps://blog.jquery.com/2023/05/11/jquery-3-7-0-released-staying-in-order/\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ejQuery 3.6.4 Released: Selector Forgiveness\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://blog.jquery.com/2023/03/08/jquery-3-6-4-released-selector-forgiveness/\"\u003ehttps://blog.jquery.com/2023/03/08/jquery-3-6-4-released-selector-forgiveness/\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ejQuery supports CSS.supports in jQuery 3.6.3\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://blog.jquery.com/2022/12/20/jquery-3-6-3-released-a-quick-selector-fix/\"\u003ehttps://blog.jquery.com/2022/12/20/jquery-3-6-3-released-a-quick-selector-fix/\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ejQuery 3.6.2 :has arrived!\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://blog.jquery.com/2022/12/13/jquery-3-6-2-released/\"\u003ehttps://blog.jquery.com/2022/12/13/jquery-3-6-2-released/\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ejQuery 3.6.1 Maintenance Release\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://blog.jquery.com/2022/08/26/jquery-3-6-1-maintenance-release/\"\u003ehttps://blog.jquery.com/2022/08/26/jquery-3-6-1-maintenance-release/\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ejQuery 3.6.0 Released!\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://blog.jquery.com/2021/03/02/jquery-3-6-0-released/\"\u003ehttps://blog.jquery.com/2021/03/02/jquery-3-6-0-released/\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ejQuery 3.5.0 Released!\u003c/h2\u003e\n\u003cp\u003eSee the blog post:\n\u003ca href=\"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/\"\u003ehttps://blog.jquery.com/2020/04/10/jquery-3-5-0-released/\u003c/a\u003e\nand the upgrade guide:\n\u003ca href=\"https://jquery.com/upgrade-guide/3.5/\"\u003ehttps://jquery.com/upgrade-guide/3.5/\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eNOTE:\u003c/strong\u003e Despite being a minor release, this update includes a breaking change that we had to make to fix \u003ca href=\"https://github.com/advisories/GHSA-gxr4-xjj5-5px2\"\u003ea security issue\u003c/a\u003e ( \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2020-11022\"\u003e\u003ccode\u003eCVE-2020-11022\u003c/code\u003e\u003c/a\u003e). Please follow the blog post \u0026amp; the upgrade guide for more details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/f79d5f1a337528940ab7029d4f8bbba72326f269\"\u003e\u003ccode\u003ef79d5f1\u003c/code\u003e\u003c/a\u003e 3.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/399b201bb3143a3952894cf3489b4848fc003967\"\u003e\u003ccode\u003e399b201\u003c/code\u003e\u003c/a\u003e Release: revert change that broke release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/f85d521cdeeb3c6d3f4563a06dba8be793e26ef0\"\u003e\u003ccode\u003ef85d521\u003c/code\u003e\u003c/a\u003e Release: update authors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/763ade6dda092709b36d97491951bcae415d91d1\"\u003e\u003ccode\u003e763ade6\u003c/code\u003e\u003c/a\u003e Build: Generate the slim build on \u003ccode\u003egrunt\u003c/code\u003e \u0026amp; run \u003ccode\u003ecompare_size\u003c/code\u003e on it\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/a288838c6f2ddd08c41e09b4672ad39a03822b04\"\u003e\u003ccode\u003ea288838\u003c/code\u003e\u003c/a\u003e CSS: Make the reliableTrDimensions support test work with Bootstrap CSS (3.x ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/87467a6f62b5fbd820ab387836e2a6fb186cbc1b\"\u003e\u003ccode\u003e87467a6\u003c/code\u003e\u003c/a\u003e Selector: Only attach the unload handler in IE \u0026amp; Edge Legacy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/3c18c1f33cfc69e1e1bd1410ab5176b2abc5fe3a\"\u003e\u003ccode\u003e3c18c1f\u003c/code\u003e\u003c/a\u003e Build: Make sure \u003ccode\u003e*.cjs\u003c/code\u003e \u0026amp; \u003ccode\u003e*.mjs\u003c/code\u003e files use UNIX line endings as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/72ae577c948f3577894bc7430a264ec27d9c2ba3\"\u003e\u003ccode\u003e72ae577\u003c/code\u003e\u003c/a\u003e Build: switch preferred email for timmywil\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/a370d7df4232c98f536bd97c049a0445d75c0f9e\"\u003e\u003ccode\u003ea370d7d\u003c/code\u003e\u003c/a\u003e Build: Build: Bump actions/checkout from 3.5.2 to 3.5.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery/commit/4a29888c759d0ca9a3ef7be90a2d7936cc48f5c8\"\u003e\u003ccode\u003e4a29888\u003c/code\u003e\u003c/a\u003e Docs: Fix typos found by codespell\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jquery/jquery/compare/3.3.1...3.7.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~timmywil\"\u003etimmywil\u003c/a\u003e, a new releaser for jquery since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jquery-ui` from 1.12.1 to 1.13.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jquery/jquery-ui/releases\"\u003ejquery-ui's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ejQuery UI 1.13.2 released\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://blog.jqueryui.com/2022/07/jquery-ui-1-13-2-released/\"\u003ehttps://blog.jqueryui.com/2022/07/jquery-ui-1-13-2-released/\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ejQuery UI 1.13.1 released\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://blog.jqueryui.com/2022/01/jquery-ui-1-13-1-released/\"\u003ehttps://blog.jqueryui.com/2022/01/jquery-ui-1-13-1-released/\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ejQuery UI 1.13.0 released\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/\"\u003ehttps://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery-ui/commit/d6c028cc2e214a4f9f3a787313ef03a17a33a008\"\u003e\u003ccode\u003ed6c028c\u003c/code\u003e\u003c/a\u003e 1.13.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery-ui/commit/8cc5bae1caa1fcf96bf5862c5646c787020ba3f9\"\u003e\u003ccode\u003e8cc5bae\u003c/code\u003e\u003c/a\u003e Checkboxradio: Don't re-evaluate text labels as HTML\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery-ui/commit/b53e7beb6884a8de7710146112bc48aecd8737b4\"\u003e\u003ccode\u003eb53e7be\u003c/code\u003e\u003c/a\u003e All: Remove deprecated .click() usage in demos/tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery-ui/commit/bb00536756b40a67288fab1803741d18bf3b5e4c\"\u003e\u003ccode\u003ebb00536\u003c/code\u003e\u003c/a\u003e Build: Update AUTHORS.txt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery-ui/commit/9d1fc97b4ea5c364b8f1c7d9ab2a3c28f8c594e7\"\u003e\u003ccode\u003e9d1fc97\u003c/code\u003e\u003c/a\u003e Datepicker: Capitalize some Indonesian words\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery-ui/commit/1f467baaacf0f9927cb73482a9f3ac0253739c4a\"\u003e\u003ccode\u003e1f467ba\u003c/code\u003e\u003c/a\u003e Selectmenu: Remove a call to the deprecated .focus() method\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery-ui/commit/ac1866f20d0c333658ec180b09bb84445c3bb086\"\u003e\u003ccode\u003eac1866f\u003c/code\u003e\u003c/a\u003e Build: Update AUTHORS.txt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery-ui/commit/395aa7d05601aa1f2ebeae272f81f0014c0cae90\"\u003e\u003ccode\u003e395aa7d\u003c/code\u003e\u003c/a\u003e Datepicker: Add missing localization for prevText and nextText\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery-ui/commit/218c6af95a5d72134c1b32220995b161c56a1453\"\u003e\u003ccode\u003e218c6af\u003c/code\u003e\u003c/a\u003e Datepicker: Remove symbols in localization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jquery/jquery-ui/commit/3126e128691fd9fa78f33930ba9cb37609d0a64f\"\u003e\u003ccode\u003e3126e12\u003c/code\u003e\u003c/a\u003e Datepicker: Remove symbols in localization\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jquery/jquery-ui/compare/1.12.1...1.13.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~mgol\"\u003emgol\u003c/a\u003e, a new releaser for jquery-ui since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `moment` from 2.24.0 to 2.30.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/moment/moment/blob/develop/CHANGELOG.md\"\u003emoment's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e2.30.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRelease Dec 27, 2023\u003c/li\u003e\n\u003cli\u003eRevert \u003ca href=\"https://redirect.github.com/moment/moment/pull/5827\"\u003emoment/moment#5827\u003c/a\u003e, because it's breaking\na lot of TS code.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.30.0 \u003ca href=\"https://gist.github.com/ichernev/e277bcd1f0eeabb834f60a777237925a\"\u003eFull changelog\u003c/a\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRelease Dec 26, 2023\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.29.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRelease Jul 6, 2022\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/moment/moment/pull/6015\"\u003e#6015\u003c/a\u003e [bugfix] Fix ReDoS in preprocessRFC2822 regex\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.29.3 \u003ca href=\"https://gist.github.com/ichernev/edebd440f49adcaec72e5e77b791d8be\"\u003eFull changelog\u003c/a\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRelease Apr 17, 2022\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/moment/moment/pull/5995\"\u003e#5995\u003c/a\u003e [bugfix] Remove const usage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/moment/moment/pull/5990\"\u003e#5990\u003c/a\u003e misc: fix advisory link\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e2.29.2 \u003ca href=\"https://gist.github.com/ichernev/1904b564f6679d9aac1ae08ce13bc45c\"\u003eSee full changelog\u003c/a\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRelease Apr 3 2022\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eAddress \u003ca href=\"https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4\"\u003ehttps://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e2.29.1 \u003ca href=\"https://gist.github.com/marwahaha/cc478ba01a1292ab4bd4e861d164d99b\"\u003eSee full changelog\u003c/a\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRelease Oct 6, 2020\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eUpdated deprecation message, bugfix in hi locale\u003c/p\u003e\n\u003ch3\u003e2.29.0 \u003ca href=\"https://gist.github.com/marwahaha/b0111718641a6461800066549957ec14\"\u003eSee full changelog\u003c/a\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRelease Sept 22, 2020\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eNew locales (es-mx, bn-bd).\nMinor bugfixes and locale improvements.\nMore tests.\nMoment is in maintenance mode. Read more at this link:\n\u003ca href=\"https://momentjs.com/docs/#/-project-status/\"\u003ehttps://momentjs.com/docs/#/-project-status/\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003e2.28.0 \u003ca href=\"https://gist.github.com/marwahaha/028fd6c2b2470b2804857cfd63c0e94f\"\u003eSee full changelog\u003c/a\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRelease Sept 13, 2020\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFix bug where .format() modifies original instance, and locale updates\u003c/p\u003e\n\u003ch3\u003e2.27.0 \u003ca href=\"https://gist.github.com/marwahaha/5100c9c2f42019067b1f6cefc333daa7\"\u003eSee full changelog\u003c/a\u003e\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moment/moment/commit/485d9a7d709bd5f3869a7ad24630cf0746d072dc\"\u003e\u003ccode\u003e485d9a7\u003c/code\u003e\u003c/a\u003e Build 2.30.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moment/moment/commit/e048b09e46a3f710a93a45026b93b7c3cbc8b646\"\u003e\u003ccode\u003ee048b09\u003c/code\u003e\u003c/a\u003e Bump version to 2.30.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moment/moment/commit/f9f2d584dcaa4bcb4821ba4bae97b54798239921\"\u003e\u003ccode\u003ef9f2d58\u003c/code\u003e\u003c/a\u003e Update changelog for 2.30.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moment/moment/commit/a52ffb2bd49fdef0149d13874e7aede361342198\"\u003e\u003ccode\u003ea52ffb2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Merge pull request \u003ca href=\"https://redirect.github.com/moment/moment/issues/5827\"\u003e#5827\u003c/a\u003e from BobZombie:feature/fix_d.ts\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moment/moment/commit/ddd680908c23797a3ed22007838634518bb14705\"\u003e\u003ccode\u003eddd6809\u003c/code\u003e\u003c/a\u003e Build 2.30.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moment/moment/commit/be64d00332159d4df419a4ee0328da9bd81a6fc6\"\u003e\u003ccode\u003ebe64d00\u003c/code\u003e\u003c/a\u003e Bump version to 2.30.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moment/moment/commit/ad411793e96d19085272181dcb823aee34b7de5d\"\u003e\u003ccode\u003ead41179\u003c/code\u003e\u003c/a\u003e Update changelog for 2.30.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moment/moment/commit/63fe479c029d2e329e5c03744e5ad022828296d7\"\u003e\u003ccode\u003e63fe479\u003c/code\u003e\u003c/a\u003e [misc] Make code ES6 compatible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moment/moment/commit/0f0195f5049744d4b74bd0840501cb24b2cba949\"\u003e\u003ccode\u003e0f0195f\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Merge pull request \u003ca href=\"https://redirect.github.com/moment/moment/issues/5599\"\u003e#5599\u003c/a\u003e from Alanscut:issue_4985\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moment/moment/commit/15b82f532c41c86f0cfa7462d0057d1d95e67821\"\u003e\u003ccode\u003e15b82f5\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Merge pull request \u003ca href=\"https://redirect.github.com/moment/moment/issues/5597\"\u003e#5597\u003c/a\u003e from Alanscut:issue-5596\u0026quot;\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/moment/moment/compare/2.24.0...2.30.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `select2` from 4.0.5 to 4.0.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/select2/select2/releases\"\u003eselect2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSelect2 4.0.6\u003c/h2\u003e\n\u003ch3\u003eNew features/improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd style property to package.json (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5019\"\u003e#5019\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImplement \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003eclearing\u003c/code\u003e events (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5058\"\u003e#5058\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003escrollAfterSelect\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5150\"\u003e#5150\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd missing diacritics (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4118\"\u003e#4118\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/select2/select2/issues/4337\"\u003e#4337\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/select2/select2/issues/5464\"\u003e#5464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix up arrow error when there are no options in dropdown (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5127\"\u003e#5127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e;\u003c/code\u003e before beginning of factory wrapper (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5089\"\u003e#5089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix IE11 issue with select losing focus after selecting an item (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4860\"\u003e#4860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eClear tooltip from \u003ccode\u003eselect2-selection__rendered\u003c/code\u003e when selection is cleared (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4640\"\u003e#4640\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/select2/select2/issues/4746\"\u003e#4746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix keyboard not closing when closing dropdown on iOS 10 (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4680\"\u003e#4680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUser-defined types not normalized properly when passed in as data (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4632\"\u003e#4632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePerform deep merge for \u003ccode\u003eDefaults.set()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4364\"\u003e#4364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u0026quot;the results could not be loaded\u0026quot; displaying during AJAX request (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4356\"\u003e#4356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCache objects in \u003ccode\u003eUtils.__cache\u003c/code\u003e instead of using \u003ccode\u003e$.data\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4346\"\u003e#4346\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/select2/select2/issues/5486\"\u003e#5486\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoving the double event binding registration of \u003ccode\u003eselection:update\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4306\"\u003e#4306\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eAccessibility\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eImprove \u003ccode\u003e.select2-hidden-accessible\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4908\"\u003e#4908\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd role and aria-readonly attributes to single selection dropdown value (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4881\"\u003e#4881\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTranslations\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Turkmen translations (\u003ccode\u003etk\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5125\"\u003e#5125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix error in French translations (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5122\"\u003e#5122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Albanian translation (\u003ccode\u003esq\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5199\"\u003e#5199\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Georgian translation (\u003ccode\u003eka\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5179\"\u003e#5179\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Nepali translation (\u003ccode\u003ene\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5295\"\u003e#5295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Bangla translation (\u003ccode\u003ebn\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5248\"\u003e#5248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eremoveAllItems\u003c/code\u003e translation for clear \u0026quot;x\u0026quot; title (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5291\"\u003e#5291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix wording in Vietnamese translations (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5387\"\u003e#5387\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix error in Russian translation (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5401\"\u003e#5401\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove duplicate CSS selector in classic theme (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5115\"\u003e#5115\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eSelect2 4.0.6-rc.1\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix up arrow error when there are no options in dropdown (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5127\"\u003e#5127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix IE11 issue with select losing focus after selecting an item (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4860\"\u003e#4860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReinstate backwards-compatible support for \u003ccode\u003edata('select2')\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4014\"\u003e#4014\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTranslations\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Turkmen translations (\u003ccode\u003etk\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5125\"\u003e#5125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix error in French translations (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5122\"\u003e#5122\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove duplicate CSS selector in classic theme (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5115\"\u003e#5115\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/select2/select2/blob/develop/CHANGELOG.md\"\u003eselect2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.0.6\u003c/h2\u003e\n\u003ch3\u003eNew features/improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd style property to package.json (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5019\"\u003e#5019\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImplement \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003eclearing\u003c/code\u003e events (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5058\"\u003e#5058\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003escrollAfterSelect\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5150\"\u003e#5150\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd missing diacritics (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4118\"\u003e#4118\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/select2/select2/issues/4337\"\u003e#4337\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/select2/select2/issues/5464\"\u003e#5464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix up arrow error when there are no options in dropdown (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5127\"\u003e#5127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e;\u003c/code\u003e before beginning of factory wrapper (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5089\"\u003e#5089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix IE11 issue with select losing focus after selecting an item (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4860\"\u003e#4860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eClear tooltip from \u003ccode\u003eselect2-selection__rendered\u003c/code\u003e when selection is cleared (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4640\"\u003e#4640\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/select2/select2/issues/4746\"\u003e#4746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix keyboard not closing when closing dropdown on iOS 10 (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4680\"\u003e#4680\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUser-defined types not normalized properly when passed in as data (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4632\"\u003e#4632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePerform deep merge for \u003ccode\u003eDefaults.set()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4364\"\u003e#4364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u0026quot;the results could not be loaded\u0026quot; displaying during AJAX request (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4356\"\u003e#4356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCache objects in \u003ccode\u003eUtils.__cache\u003c/code\u003e instead of using \u003ccode\u003e$.data\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4346\"\u003e#4346\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/select2/select2/issues/5486\"\u003e#5486\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoving the double event binding registration of \u003ccode\u003eselection:update\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4306\"\u003e#4306\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eAccessibility\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eImprove \u003ccode\u003e.select2-hidden-accessible\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4908\"\u003e#4908\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd role and aria-readonly attributes to single selection dropdown value (\u003ca href=\"https://redirect.github.com/select2/select2/issues/4881\"\u003e#4881\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTranslations\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Turkmen translations (\u003ccode\u003etk\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5125\"\u003e#5125\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix error in French translations (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5122\"\u003e#5122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Albanian translation (\u003ccode\u003esq\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5199\"\u003e#5199\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Georgian translation (\u003ccode\u003eka\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5179\"\u003e#5179\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Nepali translation (\u003ccode\u003ene\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5295\"\u003e#5295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Bangla translation (\u003ccode\u003ebn\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5248\"\u003e#5248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eremoveAllItems\u003c/code\u003e translation for clear \u0026quot;x\u0026quot; title (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5291\"\u003e#5291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix wording in Vietnamese translations (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5387\"\u003e#5387\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix error in Russian translation (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5401\"\u003e#5401\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove duplicate CSS selector in classic theme (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5115\"\u003e#5115\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/select2/select2/commit/5dcc1022bffbccbf6894a26572f34627adaf7599\"\u003e\u003ccode\u003e5dcc102\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/select2/select2/issues/5488\"\u003e#5488\u003c/a\u003e from select2/develop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/select2/select2/commit/3e9809d715ef90816be7f43420fba9c6cb010b6c\"\u003e\u003ccode\u003e3e9809d\u003c/code\u003e\u003c/a\u003e Update changelog for 4.0.6 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/select2/select2/commit/a2bfa6c867be634d5f852e1f5ae35e35018ed636\"\u003e\u003ccode\u003ea2bfa6c\u003c/code\u003e\u003c/a\u003e Recompile dist for 4.0.6 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/select2/select2/commit/a8ea4cc3e3bcdee5eeb65695885708375da5b219\"\u003e\u003ccode\u003ea8ea4cc\u003c/code\u003e\u003c/a\u003e Bump versions for 4.0.6 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/select2/select2/commit/b4aa3529f39367758a8df2964bebf1a05be45d43\"\u003e\u003ccode\u003eb4aa352\u003c/code\u003e\u003c/a\u003e Removed unused files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/select2/select2/commit/650035cf3855b7265ccbd2ba82fe6f153751fb6e\"\u003e\u003ccode\u003e650035c\u003c/code\u003e\u003c/a\u003e Restore compatibility with data-* attributes in jQuery 2.x (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5486\"\u003e#5486\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/select2/select2/commit/9f8b6fff405924246f512dd4f39091d5a89f931a\"\u003e\u003ccode\u003e9f8b6ff\u003c/code\u003e\u003c/a\u003e [WIP] Get Grunt consistently working again (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5466\"\u003e#5466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/select2/select2/commit/5977856d81f8cd41d5c0826562f8ee206d6c0de7\"\u003e\u003ccode\u003e5977856\u003c/code\u003e\u003c/a\u003e minor fix (greek omega used has no diacritic) (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5464\"\u003e#5464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/select2/select2/commit/a9c1b617facc1007d66c330d59f782b798361530\"\u003e\u003ccode\u003ea9c1b61\u003c/code\u003e\u003c/a\u003e Update composer to remove deprecated dependency (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5165\"\u003e#5165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/select2/select2/commit/9032705e2a43cdd4d4a6b87e07644ef2e9ee941e\"\u003e\u003ccode\u003e9032705\u003c/code\u003e\u003c/a\u003e More suitable spelling \u003ccode\u003eещё\u003c/code\u003e instead of \u003ccode\u003eеще\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/select2/select2/issues/5401\"\u003e#5401\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/select2/select2/compare/4.0.5...4.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `grunt` from 0.4.5 to 1.6.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gruntjs/grunt/releases\"\u003egrunt's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.6.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChangelog updates  72f6f03\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1755\"\u003e#1755\u003c/a\u003e from gruntjs/rm-dep  8d4c183\u003c/li\u003e\n\u003cli\u003eAdd recursive  1c7d483\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1756\"\u003e#1756\u003c/a\u003e from gruntjs/downgrade-glob  2d4fd38\u003c/li\u003e\n\u003cli\u003eDowngrade glob  902db7c\u003c/li\u003e\n\u003cli\u003eFix syntax  494f243\u003c/li\u003e\n\u003cli\u003eremove mkdirp  b01389e\u003c/li\u003e\n\u003cli\u003eremove dep on rimraf and mkdirp  0072510\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.6.0...v1.6.1\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.6.0...v1.6.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1750\"\u003e#1750\u003c/a\u003e from gruntjs/dep-update-jan28  2805dc3\u003c/li\u003e\n\u003cli\u003eREADME updates  3f1e423\u003c/li\u003e\n\u003cli\u003eBump to 16  8fd096d\u003c/li\u003e\n\u003cli\u003eUpdate more deps  42c5f95\u003c/li\u003e\n\u003cli\u003eBump eslint and node version  1d88050\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.3...v1.6.0\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.3...v1.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1745\"\u003e#1745\u003c/a\u003e from gruntjs/fix-copy-op  572d79b\u003c/li\u003e\n\u003cli\u003ePatch up race condition in symlink copying.  58016ff\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1746\"\u003e#1746\u003c/a\u003e from JamieSlome/patch-1  0749e1d\u003c/li\u003e\n\u003cli\u003eCreate SECURITY.md  69b7c50\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.2...v1.5.3\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.2...v1.5.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Changelog  7f15fd5\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1743\"\u003e#1743\u003c/a\u003e from gruntjs/cleanup-link  b0ec6e1\u003c/li\u003e\n\u003cli\u003eClean up link handling  433f91b\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.1...v1.5.2\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.1...v1.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1742\"\u003e#1742\u003c/a\u003e from gruntjs/update-symlink-test  ad22608\u003c/li\u003e\n\u003cli\u003eFix symlink test  0652305\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/gruntjs/grunt/compare/v1.5.0...v1.5.1\"\u003ehttps://github.com/gruntjs/grunt/compare/v1.5.0...v1.5.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated changelog  b2b2c2b\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1740\"\u003e#1740\u003c/a\u003e from gruntjs/update-deps-22-10  3eda6ae\u003c/li\u003e\n\u003cli\u003eUpdate testing matrix  47d32de\u003c/li\u003e\n\u003cli\u003eMore updates  2e9161c\u003c/li\u003e\n\u003cli\u003eRemove console log  04b960e\u003c/li\u003e\n\u003cli\u003eUpdate dependencies, tests...  aad3d45\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1736\"\u003e#1736\u003c/a\u003e from justlep/main  fdc7056\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gruntjs/grunt/blob/main/CHANGELOG\"\u003egrunt's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003ev1.6.2\ndate: 2026-04-14\nchanges:\n- Update minimatch to 3.1.5.\n(PR: \u003ca href=\"https://redirect.github.com/gruntjs/grunt/pull/1796\"\u003egruntjs/grunt#1796\u003c/a\u003e)\n- Update nopt to 5.0.0.\n(PR: \u003ca href=\"https://redirect.github.com/gruntjs/grunt/pull/1778\"\u003egruntjs/grunt#1778\u003c/a\u003e)\nv1.6.1\ndate: 2023-01-31\nchanges:\n- Downgrades to glob 7 for Windows compatability\n- Removes mkdirp and rimraf in favour of node.js APIs.\nv1.6.0\ndate: 2023-01-28\nchanges:\n- Requires node.js 16+.\n- template.date now uses dateformat ~4.6.2.\n- other dependency updates such as glob, rimraf, etc.\nv1.5.3\ndate: 2022-04-23\nchanges:\n- Patch up race condition in symlink copying.\nv1.5.2\ndate: 2022-04-12\nchanges:\n- Unlink symlinks when copy destination is a symlink.\nv1.5.1\ndate: 2022-04-11\nchanges:\n- Fixed symlink destination handling.\nv1.5.0\ndate: 2022-04-10\nchanges:\n- Updated dependencies.\n- Add symlink handling for copying files.\nv1.4.1\ndate: 2021-05-24\nchanges:\n- Fix --preload option to be a known option\n- Switch to GitHub Actions\nv1.4.0\ndate: 2021-04-21\nchanges:\n- Security fixes in production and dev dependencies\n- Liftup/Liftoff upgrade breaking change. Update your scripts to use --preload instead of --require. Ref: \u003ca href=\"https://github.com/js-cli/js-liftoff/commit/e7a969d6706e730d90abb4e24d3cb4d3bce06ddb\"\u003ehttps://github.com/js-cli/js-liftoff/commit/e7a969d6706e730d90abb4e24d3cb4d3bce06ddb\u003c/a\u003e.\nv1.3.0\ndate: 2020-08-18\nchanges:\n- Switch to use \u003ccode\u003esafeLoad\u003c/code\u003e for loading YML files via \u003ccode\u003efile.readYAML\u003c/code\u003e.\n- Upgrade legacy-log to ~3.0.0.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/f49016e3ad7b92cf73982bec8d1ad224563a475d\"\u003e\u003ccode\u003ef49016e\u003c/code\u003e\u003c/a\u003e 1.6.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/662e097e7a77717df9cdcc76597ea54c154a1e67\"\u003e\u003ccode\u003e662e097\u003c/code\u003e\u003c/a\u003e Update minimatch to 3.1.5 to fix CVEs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/a29fd1872a9028c65ce8e7eadda8a4ac0931adb5\"\u003e\u003ccode\u003ea29fd18\u003c/code\u003e\u003c/a\u003e CI: add Node.js 24 to version matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/f757c4f7dd4225aea81e23f67b7d2b15f6fd965d\"\u003e\u003ccode\u003ef757c4f\u003c/code\u003e\u003c/a\u003e Update links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/b5aa8342f393f21fecb9c983e0208d9da2340cfa\"\u003e\u003ccode\u003eb5aa834\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1792\"\u003e#1792\u003c/a\u003e from UlisesGascon/security-md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/8d2dea224e772ff3c549be25d5d09c87d90ec536\"\u003e\u003ccode\u003e8d2dea2\u003c/code\u003e\u003c/a\u003e docs: refresh security policy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/aa15bdc5b435e2938744658dec31ec29c3109afc\"\u003e\u003ccode\u003eaa15bdc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1786\"\u003e#1786\u003c/a\u003e from stscoundrel/ci-node-22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/ee5b2a3480d520b442887451b86e596d971d94e6\"\u003e\u003ccode\u003eee5b2a3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gruntjs/grunt/issues/1787\"\u003e#1787\u003c/a\u003e from gruntjs/add-commercial-support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/c0e2b42efa4f590b624929d66e67a9f4e5c9ff46\"\u003e\u003ccode\u003ec0e2b42\u003c/code\u003e\u003c/a\u003e Readme updates re: support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gruntjs/grunt/commit/c4f037ddaecca57092f30018196361bb299b7bc7\"\u003e\u003ccode\u003ec4f037d\u003c/code\u003e\u003c/a\u003e CI: update GH actions V3 -\u0026gt; V4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gruntjs/grunt/compare/v0.4.5...v1.6.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~krinkle\"\u003ekrinkle\u003c/a\u003e, a new releaser for grunt since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `ajv`\n\nUpdates `bn.js` from 4.11.8 to 4.12.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/39fe4389c773327ed15f29f77f8b7dbbff4beb4c\"\u003e\u003ccode\u003e39fe438\u003c/code\u003e\u003c/a\u003e 4.12.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/67ecb35dabaf252001b649c12d69c4b57deac6f6\"\u003e\u003ccode\u003e67ecb35\u003c/code\u003e\u003c/a\u003e backport(4.x): fix imaskn state (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/c4098bac2470418f8e0f6bf11fe0cb676a2b9047\"\u003e\u003ccode\u003ec4098ba\u003c/code\u003e\u003c/a\u003e 4.12.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/6277fd705e51edae1c404c65f03ba2e512706945\"\u003e\u003ccode\u003e6277fd7\u003c/code\u003e\u003c/a\u003e backport(4.x): Fix imuln/muln with zero (backport of \u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/313\"\u003e#313\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/ac0d4afaae91701815b9edc19789e44e7690d688\"\u003e\u003ccode\u003eac0d4af\u003c/code\u003e\u003c/a\u003e 4.12.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/a5f14b43ec61bc7cafc6de2e7444913b9f581b00\"\u003e\u003ccode\u003ea5f14b4\u003c/code\u003e\u003c/a\u003e Fix serious issue in \u003ccode\u003e.toString(16)\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/309\"\u003e#309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/0cd2661b9d08512263c940662586042ef8aaccc6\"\u003e\u003ccode\u003e0cd2661\u003c/code\u003e\u003c/a\u003e Remove package-lock.json added by npm\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/84ae31344a557abb78ddabe3bac923b7503e4fb5\"\u003e\u003ccode\u003e84ae313\u003c/code\u003e\u003c/a\u003e 4.12.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/967ed0a50a9400bbbd83b450550cf37f7fa178b9\"\u003e\u003ccode\u003e967ed0a\u003c/code\u003e\u003c/a\u003e fix: Buffer not using global in browser (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/260\"\u003e#260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/indutny/bn.js/commit/61962320d7907a1a4d03a665782cb2733160c907\"\u003e\u003ccode\u003e6196232\u003c/code\u003e\u003c/a\u003e Fix LE constructor for HEX (\u003ca href=\"https://redirect.github.com/indutny/bn.js/issues/265\"\u003e#265\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/indutny/bn.js/compare/v4.11.8...v4.12.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~fanatid\"\u003efanatid\u003c/a\u003e, a new releaser for bn.js since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.8 to 1.1.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.11\u003c/h2\u003e\n\u003ch1\u003ebrace-expansion\u003c/h1\u003e\n\u003cp\u003e\u003ca href=\"https://www.gnu.org/software/bash/manual/html_node/Brace-Expansion.html\"\u003eBrace expansion\u003c/a\u003e,\nas known from sh/bash, in JavaScript.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://travis-ci.org/juliangruber/brace-expansion\"\u003e\u003cimg src=\"https://secure.travis-ci.org/juliangruber/brace-expansion.svg\" alt=\"build status\" /\u003e\u003c/a\u003e\n\u003ca href=\"https://www.npmjs.org/package/brace-expansion\"\u003e\u003cimg src=\"https://img.shields.io/npm/dm/brace-expansion.svg\" alt=\"downloads\" /\u003e\u003c/a\u003e\n\u003ca href=\"https://greenkeeper.io/\"\u003e\u003cimg src=\"https://badges.greenkeeper.io/juliangruber/brace-expansion.svg\" alt=\"Greenkeeper badge\" /\u003e\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://ci.testling.com/juliangruber/brace-expansion\"\u003e\u003cimg src=\"https://ci.testling.com/juliangruber/brace-expansion.png\" alt=\"testling badge\" /\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eExample\u003c/h2\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003evar expand = require('brace-expansion');\n\u003cp\u003eexpand('file-{a,b,c}.jpg')\n// =\u0026gt; ['file-a.jpg', 'file-b.jpg', 'file-c.jpg']\u003c/p\u003e\n\u003cp\u003eexpand('-v{,,}')\n// =\u0026gt; ['-v', '-v', '-v']\u003c/p\u003e\n\u003cp\u003eexpand('file{0..2}.jpg')\n// =\u0026gt; ['file0.jpg', 'file1.jpg', 'file2.jpg']\u003c/p\u003e\n\u003cp\u003eexpand('file-{a..c}.jpg')\n// =\u0026gt; ['file-a.jpg', 'file-b.jpg', 'file-c.jpg']\u003c/p\u003e\n\u003cp\u003eexpand('file{2..0}.jpg')\n// =\u0026gt; ['file2.jpg', 'file1.jpg', 'file0.jpg']\u003c/p\u003e\n\u003cp\u003eexpand('file{0..4..2}.jpg')\n// =\u0026gt; ['file0.jpg', 'file2.jpg', 'file4.jpg']\u003c/p\u003e\n\u003cp\u003eexpand('file-{a..e..2}.jpg')\n// =\u0026gt; ['file-a.jpg', 'file-c.jpg', 'file-e.jpg']\u003c/p\u003e\n\u003cp\u003eexpand('file{00..10..5}.jpg')\n// =\u0026gt; ['file00.jpg', 'file05.jpg', 'file10.jpg']\u003c/p\u003e\n\u003cp\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v1 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2fbb6a2aa0f984bb2fb5f60252ca6cba3e1368ec\"\u003e\u003ccode\u003e2fbb6a2\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0d7652e3093d3273151729812f9b0b79a17ecba6\"\u003e\u003ccode\u003e0d7652e\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-7h2j-956f-4vf2 to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/101\"\u003e#101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/6c353caf23beb9644f858eb3fe38d43a68b82898\"\u003e\u003ccode\u003e6c353ca\u003c/code\u003e\u003c/a\u003e 1.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\"\u003e\u003ccode\u003e7fd684f\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/95\"\u003e#95\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/44f33b47c5c6a965d507421af43e86cf5971d711\"\u003e\u003ccode\u003e44f33b4\u003c/code\u003e\u003c/a\u003e 1.1.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c460dbd68e428d147b2080622d8ce126c7a08570\"\u003e\u003ccode\u003ec460dbd\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 1.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ccb8ac6d4292b7661b677fe048ba6690c877f51f\"\u003e\u003ccode\u003eccb8ac6\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/c3c73c8b088defc70851843be88ccc3af08e7217\"\u003e\u003ccode\u003ec3c73c8\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.8...v1.1.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `browserify-sign` from 4.0.4 to 4.2.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md\"\u003ebrowserify-sign's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.4...v4.2.5\"\u003ev4.2.5\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] clean up tests and convert console info skips to tape skips \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37b083c602fb6fcd99e0856cba8859dc6f073f3c\"\u003e\u003ccode\u003e37b083c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] restore node 0.10 support \u003ca href=\"https://github.com/browserify/browserify-sign/commit/faade86fe051fc0fb1b59e3694a566116e1e79a7\"\u003e\u003ccode\u003efaade86\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5a0f159e1d32b5c1088a75dceb301afaf40446f9\"\u003e\u003ccode\u003e5a0f159\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] drop unsupported nodes from CI \u003ca href=\"https://github.com/browserify/browserify-sign/commit/106be97da87f296f187c44b9ee857384153b5068\"\u003e\u003ccode\u003e106be97\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.3...v4.2.4\"\u003ev4.2.4\u003c/a\u003e - 2025-09-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[actions] split out node 10-20, and 20+ \u003ca href=\"https://github.com/browserify/browserify-sign/commit/17920d944f04efee7ae2212e4339485ba306b723\"\u003e\u003ccode\u003e17920d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove \u003ccode\u003efiles\u003c/code\u003e field \u003ca href=\"https://github.com/browserify/browserify-sign/commit/6d5b280e0496201ba022874c864b0046a74eb45e\"\u003e\u003ccode\u003e6d5b280\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ebn.js\u003c/code\u003e, \u003ccode\u003ebrowserify-rsa\u003c/code\u003e, \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/31be0c2459e1aad5158f72576c057603bf8527b6\"\u003e\u003ccode\u003e31be0c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003esemver\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5f6698211aa1d6dddaba8c245f40f63ae28924a3\"\u003e\u003ccode\u003e5f66982\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] replace \u003ccode\u003eaud\u003c/code\u003e with \u003ccode\u003enpm audit\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d44b24d8691d699ccc76780b106fe9c1bf0d1558\"\u003e\u003ccode\u003ed44b24d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/browserify-sign/commit/ab975f4845ea5c931df037e7f0df60f045335ae7\"\u003e\u003ccode\u003eab975f4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] revert 9e2bf12, now that v3.1.1 is out \u003ca href=\"https://github.com/browserify/browserify-sign/commit/428cf7f3f0d09f1b39312e5e51620ca684b5c1ac\"\u003e\u003ccode\u003e428cf7f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.2...v4.2.3\"\u003ev4.2.3\u003c/a\u003e - 2024-03-05\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[patch] widen support to 0.12 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9247adfd261ededfec1c036c9d8f36c4e9f87c0e\"\u003e\u003ccode\u003e9247adf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[patch] drop minimum node support to v1 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/4d0ee49ae2dc238b877dce9aed7e23fb4cb5088d\"\u003e\u003ccode\u003e4d0ee49\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eaud\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/87f3a35a587b377da2c1987af8d41c57b5afe0a5\"\u003e\u003ccode\u003e87f3a35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] remove redundant finisher \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37a475856843b7d1b2403fdafac0024ba252e579\"\u003e\u003ccode\u003e37a4758\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003ehash-base\u003c/code\u003e to ~3.0, due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9e2bf122b70970cb92f69d53e963f18299f14d66\"\u003e\u003ccode\u003e9e2bf12\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1 [\u003c/code\u003ef427270`](\u003ca href=\"https://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\"\u003ehttps://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/fb261cea57f92b3d98bc4d8bc6228c43a5de2e91\"\u003e\u003ccode\u003efb261ce\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003eelliptic\u003c/code\u003e due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/168e16fcb54886a0281b0c983e1482a097042684\"\u003e\u003ccode\u003e168e16f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.1...v4.2.2\"\u003ev4.2.2\u003c/a\u003e - 2023-10-25\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] log when openssl doesn't support cipher \u003ca href=\"https://redirect.github.com/browserify/browserify-sign/issues/37\"\u003e\u003ccode\u003e[#37](https://github.com/crypto-browserify/browserify-sign/issues/37)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/browserify-sign/commit/09a89959393b3c89fedd4f7f3bafa4fec44371d7\"\u003e\u003ccode\u003e09a8995\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] switch to eslint \u003ca href=\"https://github.com/browserify/browserify-sign/commit/83fe46374b819e959d56d2c0b931308f7451a664\"\u003e\u003ccode\u003e83fe463\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/44181838e7dcc4d5d0c568f74312ea28f0bcdfd5\"\u003e\u003ccode\u003e4418183\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9ac5a5eaaac8a11eb70ec2febd13745c8764ae02\"\u003e\u003ccode\u003e9ac5a5e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to github actions \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d845d855def38e2085d5a21e447a48300f99fa60\"\u003e\u003ccode\u003ed845d85\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003esign\u003c/code\u003e: throw on unsupported padding scheme \u003ca href=\"https://github.com/browserify/browserify-sign/commit/8767739a4516289568bcce9fed8a3b7e23478de9\"\u003e\u003ccode\u003e8767739\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] properly check the upper bound for DSA signatures \u003ca href=\"https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30\"\u003e\u003ccode\u003e85994cd\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle openSSL not supporting a scheme \u003ca href=\"https://github.com/browserify/browserify-sign/commit/f5f17c27f9824de40b5ce8ebd8502111203fd6af\"\u003e\u003ccode\u003ef5f17c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/d3a7458af692134219fce56a082068f678e12474\"\u003e\u003ccode\u003ed3a7458\u003c/code\u003e\u003c/a\u003e v4.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/37b083c602fb6fcd99e0856cba8859dc6f073f3c\"\u003e\u003ccode\u003e37b083c\u003c/code\u003e\u003c/a\u003e [Tests] clean up tests and convert console info skips to tape skips\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/faade86fe051fc0fb1b59e3694a566116e1e79a7\"\u003e\u003ccode\u003efaade86\u003c/code\u003e\u003c/a\u003e [Fix] restore node 0.10 support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/5a0f159e1d32b5c1088a75dceb301afaf40446f9\"\u003e\u003ccode\u003e5a0f159\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003eparse-asn1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/106be97da87f296f187c44b9ee857384153b5068\"\u003e\u003ccode\u003e106be97\u003c/code\u003e\u003c/a\u003e [actions] drop unsupported nodes from CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/9c371720efd60af4e08f83df4cd612a6ed135cec\"\u003e\u003ccode\u003e9c37172\u003c/code\u003e\u003c/a\u003e v4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/6d5b280e0496201ba022874c864b0046a74eb45e\"\u003e\u003ccode\u003e6d5b280\u003c/code\u003e\u003c/a\u003e [meta] remove \u003ccode\u003efiles\u003c/code\u003e field\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/17920d944f04efee7ae2212e4339485ba306b723\"\u003e\u003ccode\u003e17920d9\u003c/code\u003e\u003c/a\u003e [actions] split out node 10-20, and 20+\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/31be0c2459e1aad5158f72576c057603bf8527b6\"\u003e\u003ccode\u003e31be0c2\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003ebn.js\u003c/code\u003e, \u003ccode\u003ebrowserify-rsa\u003c/code\u003e, \u003ccode\u003eelliptic\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/ab975f4845ea5c931df037e7f0df60f045335ae7\"\u003e\u003ccode\u003eab975f4\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing peer dep\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/browserify-sign/compare/v4.0.4...v4.2.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for browserify-sign since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cached-path-relative` from 1.0.1 to 1.1.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ashaffer/cached-path-relative/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `getobject` from 0.1.0 to 1.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cowboy/node-getobject/releases\"\u003egetobject's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/cowboy/node-getobject/issues/8\"\u003e#8\u003c/a\u003e from cowboy/dependabot/npm_and_yarn/path-parse-1.0.7  6f86cf7\u003c/li\u003e\n\u003cli\u003eBump path-parse from 1.0.6 to 1.0.7  6e79841\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/cowboy/node-getobject/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate deps  141e3a5\u003c/li\u003e\n\u003cli\u003eMerge pull request \u003ca href=\"https://redirect.github.com/cowboy/node-getobject/issues/7\"\u003e#7\u003c/a\u003e from cowboy/dependabot/npm_and_yarn/hosted-git-info-2.8.9  c97cf3e\u003c/li\u003e\n\u003cli\u003eBump hosted-git-info from 2.8.8 to 2.8.9  201e91b\u003c/li\u003e\n\u003cli\u003eUpdate dev deps  5ffb873\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/cowboy/node-getobject/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/cowboy/node-getobject/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e...\n\n_Description has been truncated_","html_url":"https://github.com/robertsn808/opensource-casino-v10-fixed/pull/21","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/robertsn808%2Fopensource-casino-v10-fixed/issues/21","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/21/packages"}},{"old_version":"1.0.4","new_version":"1.0.7","update_type":"patch","path":null,"pr_created_at":"2026-05-15T21:16:35.000Z","version_change":"1.0.4 → 1.0.7","issue":{"uuid":"4457012181","node_id":"PR_kwDOCkavQs7cEjjw","number":8,"state":"open","title":"⬆️ Bump the npm-security-updates group across 1 directory with 17 updates","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-15T21:16:35.000Z","updated_at":"2026-05-15T21:16:37.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"⬆️ Bump","group_name":"npm-security-updates","update_count":17,"packages":[{"name":"@angular/common","old_version":"7.2.7","new_version":"19.2.16","repository_url":"https://github.com/angular/angular"},{"name":"@angular/core","old_version":"7.2.7","new_version":"19.2.20","repository_url":"https://github.com/angular/angular"},{"name":"@angular/compiler","old_version":"7.2.7","new_version":"19.2.18","repository_url":"https://github.com/angular/angular"},{"name":"@babel/traverse","old_version":"7.3.4","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"browserify-sign","old_version":"4.0.4","new_version":"4.2.5","repository_url":"https://github.com/crypto-browserify/browserify-sign"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"decode-uri-component","old_version":"0.2.0","new_version":"0.2.2","repository_url":"https://github.com/SamVerschueren/decode-uri-component"},{"name":"express","old_version":"4.16.4","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"follow-redirects","old_version":"1.7.0","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"fsevents","old_version":"1.2.7","new_version":"1.2.13","repository_url":"https://github.com/fsevents/fsevents"},{"name":"handlebars","old_version":"4.1.0","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"js-yaml","old_version":"3.12.2","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"jszip","old_version":"3.2.0","new_version":"3.10.1","repository_url":"https://github.com/Stuk/jszip"},{"name":"lodash","old_version":"4.17.11","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"sha.js","old_version":"2.4.11","new_version":"2.4.12","repository_url":"https://github.com/crypto-browserify/sha.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm-security-updates group with 15 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@angular/common](https://github.com/angular/angular/tree/HEAD/packages/common) | `7.2.7` | `19.2.16` |\n| [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core) | `7.2.7` | `19.2.20` |\n| [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) | `7.2.7` | `19.2.18` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.3.4` | `7.29.0` |\n| [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.5` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |\n| [express](https://github.com/expressjs/express) | `4.16.4` | `4.22.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.7.0` | `1.16.0` |\n| [fsevents](https://github.com/fsevents/fsevents) | `1.2.7` | `1.2.13` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.1.0` | `4.7.9` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.12.2` | `3.14.2` |\n| [jszip](https://github.com/Stuk/jszip) | `3.2.0` | `3.10.1` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.11` | `4.18.1` |\n| [sha.js](https://github.com/crypto-browserify/sha.js) | `2.4.11` | `2.4.12` |\n\n\nUpdates `@angular/common` from 7.2.7 to 19.2.16\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e@​angular/common's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.16\u003c/h2\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003cimg src=\"https://img.shields.io/badge/05fe6686a9-fix-green\" alt=\"fix - 05fe6686a9\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e@​angular/common's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e19.2.16 (2025-11-26)\u003c/h1\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e05fe6686a9\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e20.3.14 (2025-11-25)\u003c/h1\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f\"\u003e0276479e7d\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.0.1 (2025-11-25)\u003c/h1\u003e\n\u003ch3\u003ecompiler-cli\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/39c577bc362b263896b38c9486131d4342b8f1a8\"\u003e39c577bc36\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edo not type check native controls with ControlValueAccessor\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/8d3a89a477e273b9b2223b6db775955e35105963\"\u003e8d3a89a477\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eescape angular control flow in jsdoc\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/bc34083d349a7d30efb43df97de0509fd85a1996\"\u003ebc34083d34\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eignore non-existent files\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0ea1e071742a031d9afb7a39f8e23082cd88ca2e\"\u003e0ea1e07174\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eapply bootstrap-options migration to \u003ccode\u003eplatformBrowserDynamic\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/70507b8c1ce733b8232a12fa45037ee219b5b102\"\u003e70507b8c1c\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edebug data causing memory leak for root effects\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/a55482fca3b7e4f39d95f8ff236b6619e59b8190\"\u003ea55482fca3\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003enotify profiler events in case of errors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/49ad7c650818ee7db321a24c89282dbf9bb250f3\"\u003e49ad7c6508\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003euse injected \u003ccode\u003eDOCUMENT\u003c/code\u003e for \u003ccode\u003eCSP_NONCE\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cc1ec099315b0f429d0b0f07c9b1bf686668db6b\"\u003ecc1ec09931\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eperf\u003c/td\u003e\n\u003ctd\u003eavoid repeat searches for field directive\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eforms\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7d5c7cf99aa5c6490f8bea950b04bd56073582a1\"\u003e7d5c7cf99a\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efeat\u003c/td\u003e\n\u003ctd\u003eadd DI option for classes on \u003ccode\u003eField\u003c/code\u003e directive\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/8acf5d27563ec51cc76971732d50e1f4142a3fe3\"\u003e8acf5d2756\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow dynamic \u003ccode\u003etype\u003c/code\u003e bindings on signal form controls\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003ccode\u003e05fe668\u003c/code\u003e\u003c/a\u003e fix(http): prevent XSRF token leakage to protocol-relative URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/12e2302a0425f3a2b09cb00d743cbdb099a5eb31\"\u003e\u003ccode\u003e12e2302\u003c/code\u003e\u003c/a\u003e build: update common's locales to use rules_js (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61630\"\u003e#61630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/9701047b9f41175a498b8bb35563e2ed277b83e1\"\u003e\u003ccode\u003e9701047\u003c/code\u003e\u003c/a\u003e test(common): Add circular deps test to 19.2.x (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61651\"\u003e#61651\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/2c876b4fc5d89ce925b1403e239c7d162e39346b\"\u003e\u003ccode\u003e2c876b4\u003c/code\u003e\u003c/a\u003e fix(common): avoid injecting ApplicationRef in FetchBackend (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61649\"\u003e#61649\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/8e54b5773f8f74bdd2e2c0a4c89c84543c99b834\"\u003e\u003ccode\u003e8e54b57\u003c/code\u003e\u003c/a\u003e build: move private testing helpers outside \u003ccode\u003eplatform-browser/testing\u003c/code\u003e (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61571\"\u003e#61571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/2b1b14f4d3751b9b3c351ddc412ecdcb2aea4781\"\u003e\u003ccode\u003e2b1b14f\u003c/code\u003e\u003c/a\u003e fix(core): cleanup \u003ccode\u003erxResource\u003c/code\u003e abort listener (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/58306\"\u003e#58306\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/126efc9972e18806e71977d51a55f8ec2f0514d6\"\u003e\u003ccode\u003e126efc9\u003c/code\u003e\u003c/a\u003e fix(common): cancel reader when app is destroyed (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61528\"\u003e#61528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/efda8724535a8560a64b28cc2bf81df5931af686\"\u003e\u003ccode\u003eefda872\u003c/code\u003e\u003c/a\u003e fix(common): prevent reading chunks if app is destroyed (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61354\"\u003e#61354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/c43fd3a39c8d7b6ab23037a87456f6acfb4eb08f\"\u003e\u003ccode\u003ec43fd3a\u003c/code\u003e\u003c/a\u003e build: migrate common to use rules_js based toolchain (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61434\"\u003e#61434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/185b7801ee0eede67f0ca5a501833eb4f392098b\"\u003e\u003ccode\u003e185b780\u003c/code\u003e\u003c/a\u003e build: migrate \u003ccode\u003epackages/core/schematics\u003c/code\u003e to \u003ccode\u003ets_project\u003c/code\u003e (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61420\"\u003e#61420\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/19.2.16/packages/common\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~google-wombot\"\u003egoogle-wombot\u003c/a\u003e, a new releaser for \u003ccode\u003e@​angular/common\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@angular/core` from 7.2.7 to 19.2.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e@​angular/core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.20\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5be912eb55fe88e8621e2ce82470d51b7d950ceb\"\u003e\u003cimg src=\"https://img.shields.io/badge/5be912eb55-fix-green\" alt=\"fix - 5be912eb55\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b89b0a83a4d21bbb6f8534bbf56aece12af24595\"\u003e\u003cimg src=\"https://img.shields.io/badge/b89b0a83a4-fix-green\" alt=\"fix - b89b0a83a4\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize translated attribute bindings with interpolations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/621c7071adffbe5dd45a5c954b6b6138e0870844\"\u003e\u003cimg src=\"https://img.shields.io/badge/621c7071ad-fix-green\" alt=\"fix - 621c7071ad\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.19\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/747548721d051c21e388a302d20d53fb3ab16367\"\u003e\u003cimg src=\"https://img.shields.io/badge/747548721d-fix-green\" alt=\"fix - 747548721d\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eblock creation of sensitive URI attributes from ICU messages\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAngular now only applies known attributes from HTML in translated ICU content. Unknown attributes are dropped and not rendered.\u003c/p\u003e\n\u003cp\u003e(cherry picked from commit 03da204b6daa5e4583e0d0968c2107390bbd8235)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.18\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003cimg src=\"https://img.shields.io/badge/26cdc53d9c-fix-green\" alt=\"fix - 26cdc53d9c\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.17\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003cimg src=\"https://img.shields.io/badge/7c42e2ebeb-fix-green\" alt=\"fix - 7c42e2ebeb\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.16\u003c/h2\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003cimg src=\"https://img.shields.io/badge/05fe6686a9-fix-green\" alt=\"fix - 05fe6686a9\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e@​angular/core's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e19.2.20 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5be912eb55fe88e8621e2ce82470d51b7d950ceb\"\u003e5be912eb55\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b89b0a83a4d21bbb6f8534bbf56aece12af24595\"\u003eb89b0a83a4\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated attribute bindings with interpolations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/621c7071adffbe5dd45a5c954b6b6138e0870844\"\u003e621c7071ad\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e20.3.18 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/02fbf08890ec6ac2efb6c2ec4f17e56497cb81d2\"\u003e02fbf08890\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/72126f9a08c185a9b93461bab67841c4e84c9b17\"\u003e72126f9a08\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated attribute bindings with interpolations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/626bc8bc20e485cad2094c4a5d9417fb9a71dda8\"\u003e626bc8bc20\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e22.0.0-next.3 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/78dea55351fb305b33a919c43a6b363137eca166\"\u003e78dea55351\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/999c14eaab981d12bf2b1d9b1fd6766157f7b1cc\"\u003e999c14eaab\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ereverts \u0026quot;feat(core): add support for nested animations\u0026quot;\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/de0eb4c6566011e1a34d529a273ec3d5b6bf17d5\"\u003ede0eb4c656\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.2.4 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ed2d324f9cc12aab6cfa0569ef10b73243a62c65\"\u003eed2d324f9c\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/621c7071adffbe5dd45a5c954b6b6138e0870844\"\u003e\u003ccode\u003e621c707\u003c/code\u003e\u003c/a\u003e fix(core): sanitize translated form attributes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/b89b0a83a4d21bbb6f8534bbf56aece12af24595\"\u003e\u003ccode\u003eb89b0a8\u003c/code\u003e\u003c/a\u003e fix(core): sanitize translated attribute bindings with interpolations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/747548721d051c21e388a302d20d53fb3ab16367\"\u003e\u003ccode\u003e7475487\u003c/code\u003e\u003c/a\u003e fix(core): block creation of sensitive URI attributes from ICU messages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003ccode\u003e26cdc53\u003c/code\u003e\u003c/a\u003e fix(core): sanitize sensitive attributes on SVG script elements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003ccode\u003e7c42e2e\u003c/code\u003e\u003c/a\u003e fix(compiler): prevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/70d0639bc19e376af1a0491898f54a026d3227e2\"\u003e\u003ccode\u003e70d0639\u003c/code\u003e\u003c/a\u003e fix(core): introduce \u003ccode\u003eBootstrapContext\u003c/code\u003e for improved server bootstrapping (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/6\"\u003e#6\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/73d3e001d2a2fa3218d769c0834c12a762d86882\"\u003e\u003ccode\u003e73d3e00\u003c/code\u003e\u003c/a\u003e build: fix failing test (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/61683\"\u003e#61683\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/9e1cd4966202d89c7310ab84c50b2c4231a0213e\"\u003e\u003ccode\u003e9e1cd49\u003c/code\u003e\u003c/a\u003e fix(migrations): preserve comments when removing unused imports (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/61674\"\u003e#61674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/a6d5479cc75a91447daf3877d62b68a5740d3c74\"\u003e\u003ccode\u003ea6d5479\u003c/code\u003e\u003c/a\u003e build: migrate platform-server to rules_js (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/61619\"\u003e#61619\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/2a269449745c836e4b99215e36ea10fbe87e9e21\"\u003e\u003ccode\u003e2a26944\u003c/code\u003e\u003c/a\u003e build: migrate platform-browser and platform-browser-dynamic package to use r...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/v19.2.20/packages/core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~google-wombot\"\u003egoogle-wombot\u003c/a\u003e, a new releaser for \u003ccode\u003e@​angular/core\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@angular/compiler` from 7.2.7 to 19.2.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e@​angular/compiler's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.18\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003cimg src=\"https://img.shields.io/badge/26cdc53d9c-fix-green\" alt=\"fix - 26cdc53d9c\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.17\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003cimg src=\"https://img.shields.io/badge/7c42e2ebeb-fix-green\" alt=\"fix - 7c42e2ebeb\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.16\u003c/h2\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003cimg src=\"https://img.shields.io/badge/05fe6686a9-fix-green\" alt=\"fix - 05fe6686a9\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e@​angular/compiler's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e19.2.18 (2026-01-07)\u003c/h1\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e26cdc53d9c\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.0.7 (2026-01-07)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/8e808740c9311daa0f1c9bab8596ed5e54bdcc6a\"\u003e8e808740c9\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ebetter types for a few expression AST nodes\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/63b1cdcf70e6de448e8fa4ba1732d7bd7b5400d1\"\u003e63b1cdcf70\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eproduce accurate span for typeof and void expressions\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/3c3ae0cb64bb112d7167fd9b0bf7739f0c9e6a39\"\u003e3c3ae0cb64\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprovide location information for literal map keys\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/523dbaf1c3646ce27f1cf2e4cfc84c730fea8da9\"\u003e523dbaf1c3\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003estop ThisReceiver inheritance from ImplicitReceiver\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecompiler-cli\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/4d9c4567edfb8dd424a3336ef54ffdfc6ca7c15f\"\u003e4d9c4567ed\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eensure component import diagnostics are reported within the \u003ccode\u003eimports\u003c/code\u003e expression\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cd405685afbfad530de7fb841ad352d2b702a9a4\"\u003ecd405685af\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003efix up spelling of diagnostic\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/778460fccac13d8667bb53fa24ba977a930c0253\"\u003e778460fcca\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esupport qualified names in \u003ccode\u003etypeof\u003c/code\u003e type references\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c74674eb07491f808f79976e3e21787a841aefb\"\u003e7c74674eb0\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eavoid leaking view data in animations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0edbee4550e85b933e9bd2ba3c5511ef6fbf7304\"\u003e0edbee4550\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eexplicitly cast signal node value to String\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/f9c29572d28feef878c73edad562b3a6451825a6\"\u003ef9c29572d2\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eforms\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/e3fba182f90a2673040cf267a970c54c07d4840f\"\u003ee3fba182f9\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efeat\u003c/td\u003e\n\u003ctd\u003eadd \u003ccode\u003e[formField]\u003c/code\u003e directive\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/561772b152458e1d91d4bf3ef45d9645a731f2b1\"\u003e561772b152\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow custom controls to require \u003ccode\u003edirty\u003c/code\u003e input\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/f0fb1d8581671ca499bcb4790b0549825eb36a91\"\u003ef0fb1d8581\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow custom controls to require \u003ccode\u003ehidden\u003c/code\u003e input\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ec110f170bbba95f023c8ae0e4429c35bfedc572\"\u003eec110f170b\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow custom controls to require \u003ccode\u003epending\u003c/code\u003e input\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ae1dc16bb0d30b6e87b0f98b7989e6685d856e31\"\u003eae1dc16bb0\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eclean up abort listener after timeout\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/9748b0d5da6ffb1fd2498b23cc452240f46e0549\"\u003e9748b0d5da\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esupport custom controls with non signal-based models\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/6bd22df987e433a9e3cb759e35eb6403991cf4b7\"\u003e6bd22df987\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eSupport readonly arrays in signal forms\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003erouter\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/41cd4a6af800cf7807c46862c99ae036457d8fa7\"\u003e41cd4a6af8\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eFix RouterLink href not updating with \u003ccode\u003equeryParamsHandling\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5e9e09aee0c08901d2a4d48b60bd13692c73e76e\"\u003e5e9e09aee0\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ehandle errors from view transition \u003ccode\u003eupdateCallbackDone\u003c/code\u003e promise\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.0.6 (2025-12-17)\u003c/h1\u003e\n\u003ch2\u003eBreaking Changes (affecting only experimental features)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003ccode\u003e26cdc53\u003c/code\u003e\u003c/a\u003e fix(core): sanitize sensitive attributes on SVG script elements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003ccode\u003e7c42e2e\u003c/code\u003e\u003c/a\u003e fix(compiler): prevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/24bab55f0c89c4fe6037780fd7b2e8c8aa5429b2\"\u003e\u003ccode\u003e24bab55\u003c/code\u003e\u003c/a\u003e fix(compiler): lexer support for template literals in object literals (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61601\"\u003e#61601\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/fc2483e7e96f8a26293f6862cbd27417b4e40809\"\u003e\u003ccode\u003efc2483e\u003c/code\u003e\u003c/a\u003e refactor(compiler): avoid duplication between \u003ccode\u003eFactoryTarget\u003c/code\u003e type (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61571\"\u003e#61571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/8e54b5773f8f74bdd2e2c0a4c89c84543c99b834\"\u003e\u003ccode\u003e8e54b57\u003c/code\u003e\u003c/a\u003e build: move private testing helpers outside \u003ccode\u003eplatform-browser/testing\u003c/code\u003e (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61571\"\u003e#61571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/44bb328eaea028524206d0d2b9f12702c9bf3861\"\u003e\u003ccode\u003e44bb328\u003c/code\u003e\u003c/a\u003e fix(compiler): avoid conflicts between HMR code and local symbols (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61550\"\u003e#61550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/1007079aeea013291900109c86fab36c9cac50c4\"\u003e\u003ccode\u003e1007079\u003c/code\u003e\u003c/a\u003e build: update compiler-cli to not be stamped when used for the compiler in ng...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/0d025c5013292fdba65d91982ae8aaee61583d57\"\u003e\u003ccode\u003e0d025c5\u003c/code\u003e\u003c/a\u003e build: support new \u003ccode\u003eng_project\u003c/code\u003e rule (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61336\"\u003e#61336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/899cb4ab49e284185f2093f2b48f1adba8cb3d47\"\u003e\u003ccode\u003e899cb4a\u003c/code\u003e\u003c/a\u003e refactor: add explicit types for exports relying on inferred call return type...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/1312eb1600648c94a0063667c2095165462f27ef\"\u003e\u003ccode\u003e1312eb1\u003c/code\u003e\u003c/a\u003e build: remove irrelevant madge circular deps tests (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61209\"\u003e#61209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/v19.2.18/packages/compiler\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~google-wombot\"\u003egoogle-wombot\u003c/a\u003e, a new releaser for \u003ccode\u003e@​angular/compiler\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.3.4 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/traverse's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `browserify-sign` from 4.0.4 to 4.2.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md\"\u003ebrowserify-sign's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.4...v4.2.5\"\u003ev4.2.5\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] clean up tests and convert console info skips to tape skips \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37b083c602fb6fcd99e0856cba8859dc6f073f3c\"\u003e\u003ccode\u003e37b083c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] restore node 0.10 support \u003ca href=\"https://github.com/browserify/browserify-sign/commit/faade86fe051fc0fb1b59e3694a566116e1e79a7\"\u003e\u003ccode\u003efaade86\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5a0f159e1d32b5c1088a75dceb301afaf40446f9\"\u003e\u003ccode\u003e5a0f159\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] drop unsupported nodes from CI \u003ca href=\"https://github.com/browserify/browserify-sign/commit/106be97da87f296f187c44b9ee857384153b5068\"\u003e\u003ccode\u003e106be97\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.3...v4.2.4\"\u003ev4.2.4\u003c/a\u003e - 2025-09-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[actions] split out node 10-20, and 20+ \u003ca href=\"https://github.com/browserify/browserify-sign/commit/17920d944f04efee7ae2212e4339485ba306b723\"\u003e\u003ccode\u003e17920d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove \u003ccode\u003efiles\u003c/code\u003e field \u003ca href=\"https://github.com/browserify/browserify-sign/commit/6d5b280e0496201ba022874c864b0046a74eb45e\"\u003e\u003ccode\u003e6d5b280\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ebn.js\u003c/code\u003e, \u003ccode\u003ebrowserify-rsa\u003c/code\u003e, \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/31be0c2459e1aad5158f72576c057603bf8527b6\"\u003e\u003ccode\u003e31be0c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003esemver\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5f6698211aa1d6dddaba8c245f40f63ae28924a3\"\u003e\u003ccode\u003e5f66982\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] replace \u003ccode\u003eaud\u003c/code\u003e with \u003ccode\u003enpm audit\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d44b24d8691d699ccc76780b106fe9c1bf0d1558\"\u003e\u003ccode\u003ed44b24d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/browserify-sign/commit/ab975f4845ea5c931df037e7f0df60f045335ae7\"\u003e\u003ccode\u003eab975f4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] revert 9e2bf12, now that v3.1.1 is out \u003ca href=\"https://github.com/browserify/browserify-sign/commit/428cf7f3f0d09f1b39312e5e51620ca684b5c1ac\"\u003e\u003ccode\u003e428cf7f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.2...v4.2.3\"\u003ev4.2.3\u003c/a\u003e - 2024-03-05\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[patch] widen support to 0.12 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9247adfd261ededfec1c036c9d8f36c4e9f87c0e\"\u003e\u003ccode\u003e9247adf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[patch] drop minimum node support to v1 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/4d0ee49ae2dc238b877dce9aed7e23fb4cb5088d\"\u003e\u003ccode\u003e4d0ee49\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eaud\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/87f3a35a587b377da2c1987af8d41c57b5afe0a5\"\u003e\u003ccode\u003e87f3a35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] remove redundant finisher \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37a475856843b7d1b2403fdafac0024ba252e579\"\u003e\u003ccode\u003e37a4758\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003ehash-base\u003c/code\u003e to ~3.0, due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9e2bf122b70970cb92f69d53e963f18299f14d66\"\u003e\u003ccode\u003e9e2bf12\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1 [\u003c/code\u003ef427270`](\u003ca href=\"https://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\"\u003ehttps://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/fb261cea57f92b3d98bc4d8bc6228c43a5de2e91\"\u003e\u003ccode\u003efb261ce\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003eelliptic\u003c/code\u003e due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/168e16fcb54886a0281b0c983e1482a097042684\"\u003e\u003ccode\u003e168e16f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.1...v4.2.2\"\u003ev4.2.2\u003c/a\u003e - 2023-10-25\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] log when openssl doesn't support cipher \u003ca href=\"https://redirect.github.com/browserify/browserify-sign/issues/37\"\u003e\u003ccode\u003e[#37](https://github.com/crypto-browserify/browserify-sign/issues/37)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/browserify-sign/commit/09a89959393b3c89fedd4f7f3bafa4fec44371d7\"\u003e\u003ccode\u003e09a8995\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] switch to eslint \u003ca href=\"https://github.com/browserify/browserify-sign/commit/83fe46374b819e959d56d2c0b931308f7451a664\"\u003e\u003ccode\u003e83fe463\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/44181838e7dcc4d5d0c568f74312ea28f0bcdfd5\"\u003e\u003ccode\u003e4418183\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9ac5a5eaaac8a11eb70ec2febd13745c8764ae02\"\u003e\u003ccode\u003e9ac5a5e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to github actions \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d845d855def38e2085d5a21e447a48300f99fa60\"\u003e\u003ccode\u003ed845d85\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003esign\u003c/code\u003e: throw on unsupported padding scheme \u003ca href=\"https://github.com/browserify/browserify-sign/commit/8767739a4516289568bcce9fed8a3b7e23478de9\"\u003e\u003ccode\u003e8767739\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] properly check the upper bound for DSA signatures \u003ca href=\"https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30\"\u003e\u003ccode\u003e85994cd\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] handle openSSL not supporting a scheme \u003ca href=\"https://github.com/browserify/browserify-sign/commit/f5f17c27f9824de40b5ce8ebd8502111203fd6af\"\u003e\u003ccode\u003ef5f17c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/d3a7458af692134219fce56a082068f678e12474\"\u003e\u003ccode\u003ed3a7458\u003c/code\u003e\u003c/a\u003e v4.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/37b083c602fb6fcd99e0856cba8859dc6f073f3c\"\u003e\u003ccode\u003e37b083c\u003c/code\u003e\u003c/a\u003e [Tests] clean up tests and convert console info skips to tape skips\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/faade86fe051fc0fb1b59e3694a566116e1e79a7\"\u003e\u003ccode\u003efaade86\u003c/code\u003e\u003c/a\u003e [Fix] restore node 0.10 support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/5a0f159e1d32b5c1088a75dceb301afaf40446f9\"\u003e\u003ccode\u003e5a0f159\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003eparse-asn1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/106be97da87f296f187c44b9ee857384153b5068\"\u003e\u003ccode\u003e106be97\u003c/code\u003e\u003c/a\u003e [actions] drop unsupported nodes from CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/9c371720efd60af4e08f83df4cd612a6ed135cec\"\u003e\u003ccode\u003e9c37172\u003c/code\u003e\u003c/a\u003e v4.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/6d5b280e0496201ba022874c864b0046a74eb45e\"\u003e\u003ccode\u003e6d5b280\u003c/code\u003e\u003c/a\u003e [meta] remove \u003ccode\u003efiles\u003c/code\u003e field\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/17920d944f04efee7ae2212e4339485ba306b723\"\u003e\u003ccode\u003e17920d9\u003c/code\u003e\u003c/a\u003e [actions] split out node 10-20, and 20+\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/31be0c2459e1aad5158f72576c057603bf8527b6\"\u003e\u003ccode\u003e31be0c2\u003c/code\u003e\u003c/a\u003e [Deps] update \u003ccode\u003ebn.js\u003c/code\u003e, \u003ccode\u003ebrowserify-rsa\u003c/code\u003e, \u003ccode\u003eelliptic\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/commit/ab975f4845ea5c931df037e7f0df60f045335ae7\"\u003e\u003ccode\u003eab975f4\u003c/code\u003e\u003c/a\u003e [Dev Deps] add missing peer dep\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/browserify-sign/compare/v4.0.4...v4.2.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for browserify-sign since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cipher-base` from 1.0.4 to 1.0.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md\"\u003ecipher-base's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.6...v1.0.7\"\u003ev1.0.7\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.5...v1.0.6\"\u003ev1.0.6\u003c/a\u003e - 2024-11-26\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Fix] io.js 3.0 - Node.js 5.3 typed array support \u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/cipher-base/compare/v1.0.4...v1.0.5\"\u003ev1.0.5\u003c/a\u003e - 2024-11-17\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] standard -\u0026gt; eslint, make test dir, etc \u003ca href=\"https://github.com/browserify/cipher-base/commit/ae02fd6624c41ac4ac18077be797111d1955bc76\"\u003e\u003ccode\u003eae02fd6\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to GHA \u003ca href=\"https://github.com/browserify/cipher-base/commit/66387d71461287ad9067bb1bcbfdc47403a33ee7\"\u003e\u003ccode\u003e66387d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] return valid values on multi-byte-wide TypedArray input \u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/cipher-base/commit/42528f291db16bf2e7d5f831ebe2ad87fd0b1f42\"\u003e\u003ccode\u003e42528f2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003einherits\u003c/code\u003e, \u003ccode\u003esafe-buffer\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/0e7a2d9a33a391e82fa9cf512d6e25cc91ab8613\"\u003e\u003ccode\u003e0e7a2d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add missing \u003ccode\u003eengines.node\u003c/code\u003e \u003ca href=\"https://github.com/browserify/cipher-base/commit/f2dc13e47bbcf3c873db9a9e0f83e5f29d0783fe\"\u003e\u003ccode\u003ef2dc13e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/00567180c846dd3db3848c9223991c58a0d5490c\"\u003e\u003ccode\u003e0056718\u003c/code\u003e\u003c/a\u003e v1.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/fd1e5eeafccbc8eaa827ee6b9b60c14608aa784f\"\u003e\u003ccode\u003efd1e5ee\u003c/code\u003e\u003c/a\u003e [Refactor] use \u003ccode\u003eto-buffer\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/08ba8034223a53d300b7dccf33d8f14e52379a34\"\u003e\u003ccode\u003e08ba803\u003c/code\u003e\u003c/a\u003e [Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f5249f94611506ef35a8be4d48a3fc5ecf1fac63\"\u003e\u003ccode\u003ef5249f9\u003c/code\u003e\u003c/a\u003e v1.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/b7ddd2ac24e65cc47befc1e0eb5026422f8ab037\"\u003e\u003ccode\u003eb7ddd2a\u003c/code\u003e\u003c/a\u003e [Fix] io.js 3.0 - Node.js 5.3 typed array support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/f03cebfdad1cba1d56614c58affa303b0fa2a43e\"\u003e\u003ccode\u003ef03cebf\u003c/code\u003e\u003c/a\u003e v1.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/88dc806806d3dc41444dbf639c87c00f82c949b3\"\u003e\u003ccode\u003e88dc806\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003eauto-changelog\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/7a137d749ce7ea7ea56b9c096844b1b8ab723f61\"\u003e\u003ccode\u003e7a137d7\u003c/code\u003e\u003c/a\u003e [meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003esafe-publish-latest\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/5c02918ac58c875ed36913c2dc3e1043f4d1c99c\"\u003e\u003ccode\u003e5c02918\u003c/code\u003e\u003c/a\u003e [meta] fix package.json indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/browserify/cipher-base/commit/8fd136432ca298a664f5637629cf2b42a6c7f294\"\u003e\u003ccode\u003e8fd1364\u003c/code\u003e\u003c/a\u003e [Fix] return valid values on multi-byte-wide TypedArray input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crypto-browserify/cipher-base/compare/v1.0.4...v1.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ljharb\"\u003eljharb\u003c/a\u003e, a new releaser for cipher-base since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepublish\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `decode-uri-component` from 0.2.0 to 0.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/releases\"\u003edecode-uri-component's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent overwriting previously decoded tokens  980e0bf\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2\"\u003ehttps://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitch to GitHub workflows  76abc93\u003c/li\u003e\n\u003cli\u003eFix issue where decode throws - fixes \u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/6\"\u003e#6\u003c/a\u003e  746ca5d\u003c/li\u003e\n\u003cli\u003eUpdate license (\u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/1\"\u003e#1\u003c/a\u003e)  486d7e2\u003c/li\u003e\n\u003cli\u003eTidelift tasks  a650457\u003c/li\u003e\n\u003cli\u003eMeta tweaks  66e1c28\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1\"\u003ehttps://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/a0eea469d26eb0df668b081672cdb9581feb78eb\"\u003e\u003ccode\u003ea0eea46\u003c/code\u003e\u003c/a\u003e 0.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/980e0bf09b64d94f1aa79012f895816c30ffd152\"\u003e\u003ccode\u003e980e0bf\u003c/code\u003e\u003c/a\u003e Prevent overwriting previously decoded tokens\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/3c8a373dd4837e89b3f970e01295dd03e1405a33\"\u003e\u003ccode\u003e3c8a373\u003c/code\u003e\u003c/a\u003e 0.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/76abc939783fe3900fadb7d384a74d324d5557f3\"\u003e\u003ccode\u003e76abc93\u003c/code\u003e\u003c/a\u003e Switch to GitHub workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/746ca5dcb6667c5d364e782d53c542830e4c10b9\"\u003e\u003ccode\u003e746ca5d\u003c/code\u003e\u003c/a\u003e Fix issue where decode throws - fixes \u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/6\"\u003e#6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/486d7e26d3a8c0fbe860fb651fe1bc98c2f2be30\"\u003e\u003ccode\u003e486d7e2\u003c/code\u003e\u003c/a\u003e Update license (\u003ca href=\"https://redirect.github.com/SamVerschueren/decode-uri-component/issues/1\"\u003e#1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/a65045724e6234acef87f31da499d4807b20b134\"\u003e\u003ccode\u003ea650457\u003c/code\u003e\u003c/a\u003e Tidelift tasks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/commit/66e1c2834c0e189201cb65196ec3101372459b02\"\u003e\u003ccode\u003e66e1c28\u003c/code\u003e\u003c/a\u003e Meta tweaks\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.16.4 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.16.4...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow...\n\n_Description has been truncated_","html_url":"https://github.com/servrox/demo-ionic-tabs-back-button/pull/8","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/servrox%2Fdemo-ionic-tabs-back-button/issues/8","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8/packages"}}]}