{"id":1536,"name":"cookie","ecosystem":"npm","repository_url":"https://github.com/jshttp/cookie","issues_count":4742,"created_at":"2025-06-06T15:01:45.651Z","updated_at":"2025-06-06T15:01:45.651Z","purl":"pkg:npm/cookie","metadata":{"id":1555721,"name":"cookie","ecosystem":"npm","description":"HTTP server cookie parsing and serialization","homepage":"https://github.com/jshttp/cookie#readme","licenses":"MIT","normalized_licenses":["MIT"],"repository_url":"https://github.com/jshttp/cookie","keywords_array":["cookie","cookies"],"namespace":null,"versions_count":31,"first_release_published_at":"2012-05-28T23:56:12.299Z","latest_release_published_at":"2024-11-20T17:39:47.758Z","latest_release_number":"1.0.2","last_synced_at":"2025-06-05T18:30:44.188Z","created_at":"2022-04-09T05:43:14.528Z","updated_at":"2025-06-05T18:30:44.188Z","registry_url":"https://www.npmjs.com/package/cookie","install_command":"npm install cookie","documentation_url":null,"metadata":{"funding":null,"dist-tags":{"latest":"1.0.2"}},"repo_metadata":{"id":3424350,"uuid":"4475810","full_name":"jshttp/cookie","owner":"jshttp","description":"HTTP server cookie parsing and serialization","archived":false,"fork":false,"pushed_at":"2024-10-18T16:33:20.000Z","size":241,"stargazers_count":1350,"open_issues_count":5,"forks_count":155,"subscribers_count":30,"default_branch":"master","last_synced_at":"2024-10-30T20:44:58.498Z","etag":null,"topics":["cookie","http","javascript","nodejs"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jshttp.png","metadata":{"files":{"readme":"README.md","changelog":"HISTORY.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2012-05-28T23:47:31.000Z","updated_at":"2024-10-30T09:30:34.000Z","dependencies_parsed_at":"2024-04-29T08:26:05.603Z","dependency_job_id":"af24bcff-7d85-4c74-b520-494b41f630a9","html_url":"https://github.com/jshttp/cookie","commit_stats":{"total_commits":281,"total_committers":24,"mean_commits":"11.708333333333334","dds":"0.20284697508896798","last_synced_commit":"663c9aeb85c9e046ff2ad2cdec631afdd40a7965"},"previous_names":[],"tags_count":24,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jshttp","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":222364264,"owners_count":16972423,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"jshttp","name":"jshttp","uuid":"8325802","kind":"organization","description":"Low-Level JavaScript HTTP-related Modules","email":null,"website":"https://jshttp.github.io/","location":null,"twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/8325802?v=4","repositories_count":29,"last_synced_at":"2024-04-16T08:37:30.344Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/jshttp","funding_links":[],"total_stars":9089,"followers":163,"following":0,"created_at":"2022-11-02T16:18:51.300Z","updated_at":"2024-04-16T08:37:36.746Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jshttp","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jshttp/repositories"},"tags":[{"name":"v0.6.0","sha":"38323bad3aa04bce840103ff6075bc05cc0bf884","kind":"tag","published_at":"2023-11-07T04:58:59.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.6.0","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.6.0/manifests"},{"name":"v0.5.0","sha":"663c9aeb85c9e046ff2ad2cdec631afdd40a7965","kind":"tag","published_at":"2022-04-11T23:30:47.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.5.0","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.5.0/manifests"},{"name":"v0.4.2","sha":"55bac40d944e65554ecce9e5d567d17fb62d9ccc","kind":"tag","published_at":"2022-02-02T23:28:08.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.4.2","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.4.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.4.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.4.2/manifests"},{"name":"v0.4.1","sha":"b22458dd9f7ca94705fd7ee25780836601b913aa","kind":"tag","published_at":"2020-04-22T03:19:37.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.4.1","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.4.1/manifests"},{"name":"v0.4.0","sha":"aec1177c7da67e3b3273df96cf476824dbc9ae09","kind":"tag","published_at":"2019-05-16T03:25:19.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.4.0","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.4.0/manifests"},{"name":"v0.3.1","sha":"e3c77d497d66c8b8d4b677b8954c1b192a09f0b3","kind":"tag","published_at":"2016-05-27T04:22:00.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.3.1","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.3.1/manifests"},{"name":"v0.3.0","sha":"91b733fbe29ae6fcfa305f8e8ff31a1c2e651feb","kind":"tag","published_at":"2016-05-26T21:21:07.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.3.0","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.3.0/manifests"},{"name":"v0.2.4","sha":"0c6fe48e2976d66ed73c03817bb5cb10180b50ee","kind":"tag","published_at":"2016-05-21T00:29:01.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.2.4","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.2.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.2.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.2.4/manifests"},{"name":"v0.2.3","sha":"35326af88e9665bb8ea1be280cb827523e9360a7","kind":"tag","published_at":"2015-10-26T01:01:23.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.2.3","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.2.3/manifests"},{"name":"v0.2.2","sha":"9b481be547730c5f487364b720ab298d097541d5","kind":"tag","published_at":"2015-09-17T20:39:34.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.2.2","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.2.2/manifests"},{"name":"v0.1.5","sha":"0dfc4876575cef2609cdc1082fccf832743822c2","kind":"tag","published_at":"2015-09-17T18:51:56.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.1.5","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.1.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.1.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.1.5/manifests"},{"name":"v0.2.1","sha":"f3b5262b23b8eb64c9cbebc6f6271894889b14b1","kind":"tag","published_at":"2015-09-17T17:06:53.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.2.1","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.2.1/manifests"},{"name":"v0.1.4","sha":"337c0f1be395c1b62b8cae4306a745012c62a989","kind":"tag","published_at":"2015-09-17T17:01:28.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.1.4","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.1.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.1.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.1.4/manifests"},{"name":"v0.2.0","sha":"e0d36be803099855dfa323de092eed97bec155bd","kind":"tag","published_at":"2015-08-14T05:14:23.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.2.0","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.2.0/manifests"},{"name":"v0.1.3","sha":"f46097723c16f920a7b9759e154c34792e1d1a3b","kind":"tag","published_at":"2015-05-20T01:08:33.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.1.3","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.1.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.1.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.1.3/manifests"},{"name":"v0.1.2","sha":"244dabd7bc3e2d3482b121c816b4b4e034822b6f","kind":"tag","published_at":"2014-04-16T23:00:27.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.1.2","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.1.2/manifests"},{"name":"v0.1.1","sha":"ae3cdb2296e7a2c1035d78c796a3fb4262639514","kind":"tag","published_at":"2014-02-23T15:56:22.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.1.1","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.1.1/manifests"},{"name":"v0.1.0","sha":"ccea5901180fc9c4c2c73bd4a445903faf7b1163","kind":"tag","published_at":"2013-05-01T19:17:56.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.1.0","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.1.0/manifests"},{"name":"v0.0.6","sha":"ea75ecd4bfcf800431cce0af4e42e7006b4db62a","kind":"tag","published_at":"2013-04-09T05:59:34.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.0.6","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.0.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.0.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.0.6/manifests"},{"name":"v0.0.5","sha":"cb6e63c61804d01a35e8e48353db8a4c6cef2b05","kind":"commit","published_at":"2012-10-29T17:24:16.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.0.5","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.0.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.0.5/manifests"},{"name":"v0.0.4","sha":"94ebc69c78c10d7d5d28dd9e570249b835235c7b","kind":"commit","published_at":"2012-06-21T16:26:36.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.0.4","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.0.4/manifests"},{"name":"v0.0.3","sha":"e0bc6d2d92e87d3b5300a55903a89bd572114920","kind":"commit","published_at":"2012-06-06T18:48:20.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.0.3","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.0.3/manifests"},{"name":"v0.0.2","sha":"bf5d0621eb38164d2d45e064c441fcd4d8ae80f5","kind":"commit","published_at":"2012-06-01T17:57:43.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.0.2","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.0.2/manifests"},{"name":"v0.0.1","sha":"408d14751376028c1a700c84f70c179262af0abe","kind":"commit","published_at":"2012-05-29T02:15:48.000Z","download_url":"https://codeload.github.com/jshttp/cookie/tar.gz/v0.0.1","html_url":"https://github.com/jshttp/cookie/releases/tag/v0.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jshttp%2Fcookie/tags/v0.0.1/manifests"}]},"repo_metadata_updated_at":"2024-11-01T21:36:13.237Z","dependent_packages_count":4117,"downloads":316599435,"downloads_period":"last-month","dependent_repos_count":2444047,"rankings":{"downloads":0.004216493388866924,"dependent_repos_count":0.010048396582559488,"dependent_packages_count":0.02102770728993375,"stargazers_count":2.211934100041508,"forks_count":2.5746894306200656,"docker_downloads_count":0.012594720512199904,"average":0.8057518080725222},"purl":"pkg:npm/cookie","advisories":[{"uuid":"GSA_kwCzR0hTQS1weGc2LXBmNTIteGg4eM4AA_9q","url":"https://github.com/advisories/GHSA-pxg6-pf52-xh8x","title":"cookie accepts cookie name, path, and domain with out of bounds characters","description":"### Impact\n\nThe cookie name could be used to set other fields of the cookie, resulting in an unexpected cookie value. For example, `serialize(\"userName=\u003cscript\u003ealert('XSS3')\u003c/script\u003e; Max-Age=2592000; a\", value)` would result in `\"userName=\u003cscript\u003ealert('XSS3')\u003c/script\u003e; Max-Age=2592000; a=test\"`, setting `userName` cookie to `\u003cscript\u003e` and ignoring `value`.\n\nA similar escape can be used for `path` and `domain`, which could be abused to alter other fields of the cookie.\n\n### Patches\n\nUpgrade to 0.7.0, which updates the validation for `name`, `path`, and `domain`.\n\n### Workarounds\n\nAvoid passing untrusted or arbitrary values for these fields, ensure they are set by the application instead of user input.\n\n### References\n\n* https://github.com/jshttp/cookie/pull/167","origin":"UNSPECIFIED","severity":"LOW","published_at":"2024-10-04T20:31:00.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/jshttp/cookie/security/advisories/GHSA-pxg6-pf52-xh8x","https://github.com/jshttp/cookie/pull/167","https://github.com/jshttp/cookie/commit/e10042845354fea83bd8f34af72475eed1dadf5c","https://github.com/advisories/GHSA-pxg6-pf52-xh8x"],"source_kind":"github","identifiers":["GHSA-pxg6-pf52-xh8x","CVE-2024-47764"],"repository_url":"https://github.com/jshttp/cookie","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"0.7.0","vulnerable_version_range":"\u003c 0.7.0"}],"ecosystem":"npm","package_name":"cookie"}],"created_at":"2024-10-04T21:06:31.255Z","updated_at":"2025-05-11T01:09:09.575Z","epss_percentage":0.0004,"epss_percentile":0.11427}],"docker_usage_url":"https://docker.ecosyste.ms/usage/npm/cookie","docker_dependents_count":49766,"docker_downloads_count":7580161658,"usage_url":"https://repos.ecosyste.ms/usage/npm/cookie","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/npm/cookie/dependencies","status":null,"funding_links":[],"critical":true,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/cookie/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/cookie/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/cookie/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/cookie/related_packages","maintainers":[{"uuid":"dougwilson","login":"dougwilson","name":null,"email":"doug@somethingdoug.com","url":null,"packages_count":103,"html_url":"https://www.npmjs.com/~dougwilson","role":null,"created_at":"2022-11-10T12:10:01.859Z","updated_at":"2022-11-10T12:10:01.859Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/dougwilson/packages"},{"uuid":"blakeembrey","login":"blakeembrey","name":null,"email":"hello@blakeembrey.com","url":null,"packages_count":233,"html_url":"https://www.npmjs.com/~blakeembrey","role":null,"created_at":"2024-10-31T06:03:47.800Z","updated_at":"2024-10-31T06:03:47.800Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/blakeembrey/packages"}],"registry":{"name":"npmjs.org","url":"https://registry.npmjs.org","ecosystem":"npm","default":true,"packages_count":5006537,"maintainers_count":1012932,"namespaces_count":295512,"keywords_count":700181,"github":"npm","metadata":{"funded_packages_count":150239},"icon_url":"https://github.com/npm.png","created_at":"2022-04-04T15:19:23.081Z","updated_at":"2025-06-06T05:58:05.971Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/namespaces"}},"unique_repositories_count":3903,"unique_repositories_count_past_30_days":39,"recent_issues":[{"uuid":"4522954470","node_id":"PR_kwDOGxPQGc7fWCwC","number":6,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 31 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-26T09:10:49.000Z","updated_at":"2026-05-26T09:17:29.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":31,"packages":[{"name":"swiper","old_version":"8.0.2","new_version":"12.1.2","repository_url":"https://github.com/nolimits4web/Swiper"},{"name":"postcss","old_version":"8.4.6","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"@babel/helpers","old_version":"7.16.7","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.16.7","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"ajv","old_version":"8.9.0","new_version":"8.20.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"axios","old_version":"0.21.4","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.15","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"cookie","old_version":"0.4.1","new_version":"0.7.2","repository_url":"https://github.com/jshttp/cookie"},{"name":"express","old_version":"4.17.2","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"cross-spawn","old_version":"7.0.3","new_version":"7.0.6","repository_url":"https://github.com/moxystudio/node-cross-spawn"},{"name":"ejs","old_version":"3.1.6","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"},{"name":"flatted","old_version":"3.2.5","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"http-proxy-middleware","old_version":"2.0.2","new_version":"2.0.9","repository_url":"https://github.com/chimurai/http-proxy-middleware"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.0.4","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"node-forge","old_version":"1.2.1","new_version":"1.4.0","repository_url":"https://github.com/digitalbazaar/forge"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"react-router","old_version":"6.2.1","new_version":"6.30.3","repository_url":"https://github.com/remix-run/react-router"},{"name":"rollup","old_version":"2.66.1","new_version":"2.80.0","repository_url":"https://github.com/rollup/rollup"},{"name":"webpack","old_version":"5.68.0","new_version":"5.107.2","repository_url":"https://github.com/webpack/webpack"},{"name":"ws","old_version":"8.4.2","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"ws","old_version":"7.5.6","new_version":"7.5.11","repository_url":"https://github.com/websockets/ws"},{"name":"yaml","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/eemeli/yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 25 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [swiper](https://github.com/nolimits4web/Swiper) | `8.0.2` | `12.1.2` |\n| [postcss](https://github.com/postcss/postcss) | `8.4.6` | `8.5.10` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.16.7` | `7.29.7` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.16.7` | `7.29.7` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.9.0` | `8.20.0` |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `1.16.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.15` |\n| [cookie](https://github.com/jshttp/cookie) | `0.4.1` | `0.7.2` |\n| [express](https://github.com/expressjs/express) | `4.17.2` | `4.22.2` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` |\n| [ejs](https://github.com/mde/ejs) | `3.1.6` | `3.1.10` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.5` | `3.4.2` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.2` | `2.0.9` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.2.1` | `1.4.0` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `6.2.1` | `6.30.3` |\n| [rollup](https://github.com/rollup/rollup) | `2.66.1` | `2.80.0` |\n| [webpack](https://github.com/webpack/webpack) | `5.68.0` | `5.107.2` |\n| [ws](https://github.com/websockets/ws) | `8.4.2` | `8.21.0` |\n| [ws](https://github.com/websockets/ws) | `7.5.6` | `7.5.11` |\n| [yaml](https://github.com/eemeli/yaml) | `1.10.2` | `1.10.3` |\n\n\nUpdates `swiper` from 8.0.2 to 12.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nolimits4web/Swiper/releases\"\u003eswiper's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev12.1.2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev12.1.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ea11y:\u003c/strong\u003e fix focus in virtual mode enabled (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/30550088fd089600aec2d7f8924b88cff13abbe9\"\u003e3055008\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8147\"\u003e#8147\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e avoid double-subtracting offsets in centerInsufficientSlides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8158\"\u003e#8158\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/60b005222a801029a4a00d319517028afba7af18\"\u003e60b0052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e prevent duplicate module initialization in constructor (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8155\"\u003e#8155\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8156\"\u003e#8156\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/07738a233b70535c36126c5b579f2bb40049da6c\"\u003e07738a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e support boolean as a11y value (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8157\"\u003e#8157\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/6bf76d573196c61db1328350c11e2c44f5d3ec08\"\u003e6bf76d5\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.1.0\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eautoplay:\u003c/strong\u003e broken custom delay percentages with pause/resume (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8133\"\u003e#8133\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/0afecde9781268a60a92f752ea3a3a92420e2dcf\"\u003e0afecde\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Don't use \u003ccode\u003edata-swiper-slide-index\u003c/code\u003e for \u003ccode\u003erealIndex\u003c/code\u003e when virtual module is enabled (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8142\"\u003e#8142\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/bd957f8396f711b83dc1bc6b3d42a59e6d6539d2\"\u003ebd957f8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Escape all CSS selector special characters (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/d35f41a85bd1793de58358d06300440e09187a6d\"\u003ed35f41a\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8135\"\u003e#8135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e support slidesOffsetBefore and slidesOffsetAfert in cssMode (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/45b98d02b2235b0c425f8bd60ebdc04d7b1a4fbd\"\u003e45b98d0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/7926\"\u003e#7926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix lazy preloader removal error in react in vue (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/332f5c77005921c8a260f199cdfe6d3aa5d209a1\"\u003e332f5c7\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8149\"\u003e#8149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ethumbs:\u003c/strong\u003e update slide classes on virtual swiper update (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8141\"\u003e#8141\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/975277111b73f389043cb0ed19feee0244a80f57\"\u003e9752771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e Add \u003ccode\u003eautoScroll\u003c/code\u003e to \u003ccode\u003ethumbs.update\u003c/code\u003e type signature (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8146\"\u003e#8146\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/5d91e6edb4ce35d70019616b51f1e380feb9a082\"\u003e5d91e6e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ezoom:\u003c/strong\u003e initialize gesture state after programmatic zoom (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8112\"\u003e#8112\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/71e9511802c34482bc8b66abda19a1a518d88d36\"\u003e71e9511\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ekeyboard:\u003c/strong\u003e add support for custom speed parameter in keyboard navigation (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8148\"\u003e#8148\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/7a4a0e5fc3c85710a37ab021328e083fc3b14e16\"\u003e7a4a0e5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003enew snapToSlideEdge parameter (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/de3131fbf72cccbf1d1473f787ddf15c74612584\"\u003ede3131f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8021\"\u003e#8021\u003c/a\u003e \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/4780\"\u003e#4780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.3\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eelement:\u003c/strong\u003e fixed reference to nav arrows SVG (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/0b17ecf56bf941e4a5da2a2c171d5e16a9e4552b\"\u003e0b17ecf\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8115\"\u003e#8115\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e add 'getRotateFix' export to effect utils (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/c97ae5d0069cf3d5c745efb63ced9924a64d2453\"\u003ec97ae5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8114\"\u003e#8114\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.2\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003enavigation:\u003c/strong\u003e add styles for when buttons set before slider (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/4588c5719d4d828548c34f456de099f621f4c709\"\u003e4588c57\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8085\"\u003e#8085\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enavigation:\u003c/strong\u003e new \u003ccode\u003eaddIcons\u003c/code\u003e parameter to add SVG icons to nav buttons (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/b955b0c15c3b813bbda7a68cdd250f8a822015df\"\u003eb955b0c\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8088\"\u003e#8088\u003c/a\u003e \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8087\"\u003e#8087\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003enavigation:\u003c/strong\u003e tweak nav styles when adjacent (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/98440d9621c2b06c1c45edf8f4103ce5125e8231\"\u003e98440d9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.0\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nolimits4web/swiper/blob/master/CHANGELOG.md\"\u003eswiper's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.1.3...v12.1.4\"\u003e12.1.4\u003c/a\u003e (2026-04-29)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove redundant aria-disabled=false from swiper nav button (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8176\"\u003e#8176\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/673092978a54ee3aff82633dd50880011a2a362f\"\u003e6730929\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epackage:\u003c/strong\u003e add TS declarations for CSS files (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/ea3081b8c5863b297a240a0698804121c9e6c118\"\u003eea3081b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8055\"\u003e#8055\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ereact:\u003c/strong\u003e expose isFullyVisible in SwiperSlide render props (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8175\"\u003e#8175\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/3af0002acfc18a5ec450b3a2354d6187a64797e8\"\u003e3af0002\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.1.1...v12.1.3\"\u003e12.1.3\u003c/a\u003e (2026-03-24)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e use virtual slides count in onResize when virtual mode is enabled (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8163\"\u003e#8163\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/44000834d05ac339a9c4dfbaaa3f60c1a0631cff\"\u003e4400083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003egrid:\u003c/strong\u003e round down \u003ccode\u003eslidesPerView\u003c/code\u003e before calculating number of slides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8172\"\u003e#8172\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/49a55ab2c89c63679cdd21d389ec7ef9d9d375f4\"\u003e49a55ab\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eelement:\u003c/strong\u003e add navigation button slots (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/cc8224177d5f577b672e37b9386f7388d71ba3c3\"\u003ecc82241\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.1.0...v12.1.1\"\u003e12.1.1\u003c/a\u003e (2026-02-13)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ea11y:\u003c/strong\u003e fix focus in virtual mode enabled (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/30550088fd089600aec2d7f8924b88cff13abbe9\"\u003e3055008\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8147\"\u003e#8147\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e avoid double-subtracting offsets in centerInsufficientSlides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8158\"\u003e#8158\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/60b005222a801029a4a00d319517028afba7af18\"\u003e60b0052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e prevent duplicate module initialization in constructor (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8155\"\u003e#8155\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8156\"\u003e#8156\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/07738a233b70535c36126c5b579f2bb40049da6c\"\u003e07738a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e support boolean as a11y value (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8157\"\u003e#8157\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/6bf76d573196c61db1328350c11e2c44f5d3ec08\"\u003e6bf76d5\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.0.3...v12.1.0\"\u003e12.1.0\u003c/a\u003e (2026-01-28)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eautoplay:\u003c/strong\u003e broken custom delay percentages with pause/resume (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8133\"\u003e#8133\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/0afecde9781268a60a92f752ea3a3a92420e2dcf\"\u003e0afecde\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Don't use \u003ccode\u003edata-swiper-slide-index\u003c/code\u003e for \u003ccode\u003erealIndex\u003c/code\u003e when virtual module is enabled (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8142\"\u003e#8142\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/bd957f8396f711b83dc1bc6b3d42a59e6d6539d2\"\u003ebd957f8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Escape all CSS selector special characters (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/d35f41a85bd1793de58358d06300440e09187a6d\"\u003ed35f41a\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8135\"\u003e#8135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e support slidesOffsetBefore and slidesOffsetAfert in cssMode (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/45b98d02b2235b0c425f8bd60ebdc04d7b1a4fbd\"\u003e45b98d0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/7926\"\u003e#7926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix lazy preloader removal error in react in vue (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/332f5c77005921c8a260f199cdfe6d3aa5d209a1\"\u003e332f5c7\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8149\"\u003e#8149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ethumbs:\u003c/strong\u003e update slide classes on virtual swiper update (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8141\"\u003e#8141\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/975277111b73f389043cb0ed19feee0244a80f57\"\u003e9752771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e Add \u003ccode\u003eautoScroll\u003c/code\u003e to \u003ccode\u003ethumbs.update\u003c/code\u003e type signature (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8146\"\u003e#8146\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/5d91e6edb4ce35d70019616b51f1e380feb9a082\"\u003e5d91e6e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ezoom:\u003c/strong\u003e initialize gesture state after programmatic zoom (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8112\"\u003e#8112\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/71e9511802c34482bc8b66abda19a1a518d88d36\"\u003e71e9511\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ekeyboard:\u003c/strong\u003e add support for custom speed parameter in keyboard navigation (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8148\"\u003e#8148\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/7a4a0e5fc3c85710a37ab021328e083fc3b14e16\"\u003e7a4a0e5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003enew snapToSlideEdge parameter (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/de3131fbf72cccbf1d1473f787ddf15c74612584\"\u003ede3131f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8021\"\u003e#8021\u003c/a\u003e \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/4780\"\u003e#4780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/2fd88b718b6854e8d6be7f183e68b73b68dae816\"\u003e\u003ccode\u003e2fd88b7\u003c/code\u003e\u003c/a\u003e 12.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/d3e663322a13043ca63aaba235d8cf3900e0c8cf\"\u003e\u003ccode\u003ed3e6633\u003c/code\u003e\u003c/a\u003e fix prototype pollution bypass in extend() util\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/70c48c16f99affa29236ac13b16a37f43da38ae0\"\u003e\u003ccode\u003e70c48c1\u003c/code\u003e\u003c/a\u003e 12.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/30550088fd089600aec2d7f8924b88cff13abbe9\"\u003e\u003ccode\u003e3055008\u003c/code\u003e\u003c/a\u003e fix(a11y): fix focus in virtual mode enabled\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/60b005222a801029a4a00d319517028afba7af18\"\u003e\u003ccode\u003e60b0052\u003c/code\u003e\u003c/a\u003e fix(core): avoid double-subtracting offsets in centerInsufficientSlides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8158\"\u003e#8158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/6bf76d573196c61db1328350c11e2c44f5d3ec08\"\u003e\u003ccode\u003e6bf76d5\u003c/code\u003e\u003c/a\u003e fix(types): support boolean as a11y value (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8157\"\u003e#8157\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/07738a233b70535c36126c5b579f2bb40049da6c\"\u003e\u003ccode\u003e07738a2\u003c/code\u003e\u003c/a\u003e fix(core): prevent duplicate module initialization in constructor (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8155\"\u003e#8155\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8\"\u003e#8\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/3a1777aa7aefe168eac330f308cedd8c3f4a81e4\"\u003e\u003ccode\u003e3a1777a\u003c/code\u003e\u003c/a\u003e 12.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/3bc6cfe55421053864f6f53494841959748f332a\"\u003e\u003ccode\u003e3bc6cfe\u003c/code\u003e\u003c/a\u003e 12.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/45b98d02b2235b0c425f8bd60ebdc04d7b1a4fbd\"\u003e\u003ccode\u003e45b98d0\u003c/code\u003e\u003c/a\u003e fix(core): support slidesOffsetBefore and slidesOffsetAfert in cssMode\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v8.0.2...v12.1.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.4.6 to 8.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003ePostCSS 8.5 brought API to work better with non-CSS sources like HTML, Vue.js/Svelte sources or CSS-in-JS.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e during \u003ca href=\"https://redirect.github.com/postcss/postcss/issues/1995\"\u003ehis work\u003c/a\u003e on \u003ca href=\"https://stylelint.io\"\u003eStylelint\u003c/a\u003e added \u003ccode\u003eInput#document\u003c/code\u003e in additional to \u003ccode\u003eInput#css\u003c/code\u003e.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eroot.source.input.document //=\u0026gt; \u0026quot;\u0026lt;p\u0026gt;Hello\u0026lt;/p\u0026gt;\r\n                           //    \u0026lt;style\u0026gt;\r\n                           //    p {\r\n                           //      color: green;\r\n                           //    }\r\n                           //    \u0026lt;/style\u0026gt;\u0026quot;\r\nroot.source.input.css      //=\u0026gt; \u0026quot;p {\r\n                           //      color: green;\r\n                           //    }\u0026quot;\r\n\u003cp\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eInput#document\u003c/code\u003e for sources like CSS-in-JS or HTML (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.4.49\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax without \u003ccode\u003esource.offset\u003c/code\u003e (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/33b9790263dc1562a46ce45d9532bd63e95b7986\"\u003e\u003ccode\u003e33b9790\u003c/code\u003e\u003c/a\u003e Release 8.5.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/536c79e4b01e58a3a56b09c3c0cf2323f4b9a28b\"\u003e\u003ccode\u003e536c79e\u003c/code\u003e\u003c/a\u003e Escape \u0026lt;/style\u0026gt; in CSS output (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2074\"\u003e#2074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/afa96b2a139ce625c4d27973313479c7c85f39d4\"\u003e\u003ccode\u003eafa96b2\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2073\"\u003e#2073\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/effe88bb87cabdc1876e02adbdd30f392f19f40d\"\u003e\u003ccode\u003eeffe88b\u003c/code\u003e\u003c/a\u003e Typo (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2072\"\u003e#2072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/3ee79a2c4a11e41d52db50b444eebe38299495ad\"\u003e\u003ccode\u003e3ee79a2\u003c/code\u003e\u003c/a\u003e Thread model (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/2e0683daca4dc2919211b03774f6b2d137136c01\"\u003e\u003ccode\u003e2e0683d\u003c/code\u003e\u003c/a\u003e Create incident response docs (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/fe88ac29c06b7b218be32994cdc6ca1525bdf2c9\"\u003e\u003ccode\u003efe88ac2\u003c/code\u003e\u003c/a\u003e Release 8.5.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/c551632496b87ab3f1965bfda5dc386b6c71963e\"\u003e\u003ccode\u003ec551632\u003c/code\u003e\u003c/a\u003e Avoid RegExp when we can use simple JS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/89a6b744060eb8dee743351c785a9fbe37d4525a\"\u003e\u003ccode\u003e89a6b74\u003c/code\u003e\u003c/a\u003e Move SECURITY.txt for docs folder to keep GitHub page cleaner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/6ceb8a46af9f9de821faee98f861bdf84617347b\"\u003e\u003ccode\u003e6ceb8a4\u003c/code\u003e\u003c/a\u003e Create SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.4.6...8.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/helpers` from 7.16.7 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/helpers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c1b55f6ad56523ccc96fa68721de0bed2f2cdb23\"\u003e\u003ccode\u003ec1b55f6\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eeslint.config.mts\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17573\"\u003e#17573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c\"\u003e\u003ccode\u003e18d88b8\u003c/code\u003e\u003c/a\u003e Improve \u003ccode\u003e@​babel/core\u003c/code\u003e typings (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17471\"\u003e#17471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/741cbd2381ac0cda3afd42bc04454a87d9d8762a\"\u003e\u003ccode\u003e741cbd2\u003c/code\u003e\u003c/a\u003e chore: fix various typos across codebase (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17476\"\u003e#17476\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-helpers\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/helpers\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.16.7 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.15.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 8.9.0 to 8.20.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 0.21.4 to 1.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1337d6b537afb2d3f501074c8ac4ef4308221197\"\u003e\u003ccode\u003e1337d6b\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10877\"\u003e#10877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/858a790cec06054547d0d3f941916d6fb2a4d18e\"\u003e\u003ccode\u003e858a790\u003c/code\u003e\u003c/a\u003e fix: remove all caches (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/34adfd90efc9c145488399e1cf7fa96de67080fa\"\u003e\u003ccode\u003e34adfd9\u003c/code\u003e\u003c/a\u003e revert: \u0026quot;fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/847d89b43654405d9a231e0b669832c2092b621f\"\u003e\u003ccode\u003e847d89b\u003c/code\u003e\u003c/a\u003e fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/40948863677bb793bfff0293cce7e7b4f8a1b212\"\u003e\u003ccode\u003e4094886\u003c/code\u003e\u003c/a\u003e fix(progress): guard malformed XHR upload events (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44f0c5bf73c45df6009365141faa394d73596bd7\"\u003e\u003ccode\u003e44f0c5b\u003c/code\u003e\u003c/a\u003e chore: change sponsorship link and add Twicsy advertisement (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/64e1095efedc64c9fecf5176bd9cf2e5e93140d6\"\u003e\u003ccode\u003e64e1095\u003c/code\u003e\u003c/a\u003e chore: update PR and issue template to use h2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10865\"\u003e#10865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3e6b4e1f311b43aa1dc77d78150a601d9fe4b280\"\u003e\u003ccode\u003e3e6b4e1\u003c/code\u003e\u003c/a\u003e fix: error unexpected token in fetch JS compatibility issue with Webpack 4 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c4453bab70f53575175903aee60810c821f72129\"\u003e\u003ccode\u003ec4453ba\u003c/code\u003e\u003c/a\u003e fix: add the ability to add additional sponsors to the process sponsors scrip...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/caa00a90b524bb67ed033474abcf4d8645ced793\"\u003e\u003ccode\u003ecaa00a9\u003c/code\u003e\u003c/a\u003e fix: https data in cleartext to proxy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.21.4...v1.16.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in...\n\n_Description has been truncated_","html_url":"https://github.com/muhammadali1995/muck-23/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/muhammadali1995%2Fmuck-23/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"4520161722","node_id":"PR_kwDOSb0Yws7fM90G","number":9,"state":"open","title":"Bump the production-dependencies group across 1 directory with 37 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T23:45:30.000Z","updated_at":"2026-05-25T23:48:42.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"production-dependencies","update_count":37,"packages":[{"name":"oxlint-tsgolint","old_version":"0.22.1","new_version":"0.23.0","repository_url":"https://github.com/oxc-project/tsgolint"},{"name":"fumadocs-core","old_version":"16.8.11","new_version":"16.9.1","repository_url":"https://github.com/fuma-nama/fumadocs"},{"name":"fumadocs-mdx","old_version":"15.0.4","new_version":"15.0.8","repository_url":"https://github.com/fuma-nama/fumadocs"},{"name":"fumadocs-ui","old_version":"16.8.11","new_version":"16.9.1","repository_url":"https://github.com/fuma-nama/fumadocs"},{"name":"@types/node","old_version":"25.8.0","new_version":"25.9.1","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"@types/react","old_version":"19.2.14","new_version":"19.2.15","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"react-email","old_version":"6.1.4","new_version":"6.3.3","repository_url":"https://github.com/resend/react-email"},{"name":"@tanstack/react-query","old_version":"5.100.10","new_version":"5.100.14","repository_url":"https://github.com/TanStack/query"},{"name":"@scalar/hono-api-reference","old_version":"0.10.14","new_version":"0.10.19","repository_url":"https://github.com/scalar/scalar"},{"name":"nodemailer","old_version":"8.0.7","new_version":"8.0.8","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"resend","old_version":"6.12.3","new_version":"6.12.4","repository_url":"https://github.com/resend/resend-node"},{"name":"dodopayments","old_version":"2.31.2","new_version":"2.32.0","repository_url":"https://github.com/dodopayments/dodopayments-typescript"},{"name":"@ai-sdk/anthropic","old_version":"3.0.77","new_version":"3.0.79","repository_url":"https://github.com/vercel/ai"},{"name":"@ai-sdk/openai","old_version":"3.0.63","new_version":"3.0.65","repository_url":"https://github.com/vercel/ai"},{"name":"@ai-sdk/react","old_version":"3.0.184","new_version":"3.0.193","repository_url":"https://github.com/vercel/ai"},{"name":"@aws-sdk/client-s3","old_version":"3.1046.0","new_version":"3.1053.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@aws-sdk/s3-request-presigner","old_version":"3.1046.0","new_version":"3.1053.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@hookform/resolvers","old_version":"5.2.2","new_version":"5.4.0","repository_url":"https://github.com/react-hook-form/resolvers"},{"name":"@shikijs/rehype","old_version":"4.0.2","new_version":"4.1.0","repository_url":"https://github.com/shikijs/shiki"},{"name":"@vitest/coverage-v8","old_version":"4.1.6","new_version":"4.1.7","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"ai","old_version":"6.0.182","new_version":"6.0.191","repository_url":"https://github.com/vercel/ai"},{"name":"cookie","old_version":"0.7.2","new_version":"1.1.1","repository_url":"https://github.com/jshttp/cookie"},{"name":"date-fns","old_version":"4.1.0","new_version":"4.3.0","repository_url":"https://github.com/date-fns/date-fns"},{"name":"dotenv","old_version":"16.6.1","new_version":"17.4.2","repository_url":"https://github.com/motdotla/dotenv"},{"name":"es-toolkit","old_version":"1.46.1","new_version":"1.47.0","repository_url":"https://github.com/toss/es-toolkit"},{"name":"hono","old_version":"4.12.16","new_version":"4.12.23","repository_url":"https://github.com/honojs/hono"},{"name":"js-cookie","old_version":"3.0.5","new_version":"3.0.7","repository_url":"https://github.com/js-cookie/js-cookie"},{"name":"nanoid","old_version":"3.3.12","new_version":"5.1.11","repository_url":"https://github.com/ai/nanoid"},{"name":"openai","old_version":"6.37.0","new_version":"6.39.0","repository_url":"https://github.com/openai/openai-node"},{"name":"oxfmt","old_version":"0.49.0","new_version":"0.51.0","repository_url":"https://github.com/oxc-project/oxc"},{"name":"oxlint","old_version":"1.64.0","new_version":"1.66.0","repository_url":"https://github.com/oxc-project/oxc"},{"name":"pg","old_version":"8.20.0","new_version":"8.21.0","repository_url":"https://github.com/brianc/node-postgres"},{"name":"postcss","old_version":"8.5.14","new_version":"8.5.15","repository_url":"https://github.com/postcss/postcss"},{"name":"react-hook-form","old_version":"7.75.0","new_version":"7.76.1","repository_url":"https://github.com/react-hook-form/react-hook-form"},{"name":"tsx","old_version":"4.21.0","new_version":"4.22.3","repository_url":"https://github.com/privatenumber/tsx"},{"name":"uuid","old_version":"9.0.1","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"vitest","old_version":"4.1.6","new_version":"4.1.7","repository_url":"https://github.com/vitest-dev/vitest"}],"path":null,"ecosystem":"npm"},"body":"Bumps the production-dependencies group with 37 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [oxlint-tsgolint](https://github.com/oxc-project/tsgolint) | `0.22.1` | `0.23.0` |\n| [fumadocs-core](https://github.com/fuma-nama/fumadocs) | `16.8.11` | `16.9.1` |\n| [fumadocs-mdx](https://github.com/fuma-nama/fumadocs) | `15.0.4` | `15.0.8` |\n| [fumadocs-ui](https://github.com/fuma-nama/fumadocs) | `16.8.11` | `16.9.1` |\n| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.8.0` | `25.9.1` |\n| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.14` | `19.2.15` |\n| [react-email](https://github.com/resend/react-email/tree/HEAD/packages/react-email) | `6.1.4` | `6.3.3` |\n| [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) | `5.100.10` | `5.100.14` |\n| [@scalar/hono-api-reference](https://github.com/scalar/scalar/tree/HEAD/integrations/hono) | `0.10.14` | `0.10.19` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `8.0.7` | `8.0.8` |\n| [resend](https://github.com/resend/resend-node) | `6.12.3` | `6.12.4` |\n| [dodopayments](https://github.com/dodopayments/dodopayments-typescript) | `2.31.2` | `2.32.0` |\n| [@ai-sdk/anthropic](https://github.com/vercel/ai/tree/HEAD/packages/anthropic) | `3.0.77` | `3.0.79` |\n| [@ai-sdk/openai](https://github.com/vercel/ai/tree/HEAD/packages/openai) | `3.0.63` | `3.0.65` |\n| [@ai-sdk/react](https://github.com/vercel/ai/tree/HEAD/packages/react) | `3.0.184` | `3.0.193` |\n| [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.1046.0` | `3.1053.0` |\n| [@aws-sdk/s3-request-presigner](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/s3-request-presigner) | `3.1046.0` | `3.1053.0` |\n| [@hookform/resolvers](https://github.com/react-hook-form/resolvers) | `5.2.2` | `5.4.0` |\n| [@shikijs/rehype](https://github.com/shikijs/shiki/tree/HEAD/packages/rehype) | `4.0.2` | `4.1.0` |\n| [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.1.6` | `4.1.7` |\n| [ai](https://github.com/vercel/ai/tree/HEAD/packages/ai) | `6.0.182` | `6.0.191` |\n| [cookie](https://github.com/jshttp/cookie) | `0.7.2` | `1.1.1` |\n| [date-fns](https://github.com/date-fns/date-fns) | `4.1.0` | `4.3.0` |\n| [dotenv](https://github.com/motdotla/dotenv) | `16.6.1` | `17.4.2` |\n| [es-toolkit](https://github.com/toss/es-toolkit) | `1.46.1` | `1.47.0` |\n| [hono](https://github.com/honojs/hono) | `4.12.16` | `4.12.23` |\n| [js-cookie](https://github.com/js-cookie/js-cookie) | `3.0.5` | `3.0.7` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.12` | `5.1.11` |\n| [openai](https://github.com/openai/openai-node) | `6.37.0` | `6.39.0` |\n| [oxfmt](https://github.com/oxc-project/oxc/tree/HEAD/npm/oxfmt) | `0.49.0` | `0.51.0` |\n| [oxlint](https://github.com/oxc-project/oxc/tree/HEAD/npm/oxlint) | `1.64.0` | `1.66.0` |\n| [pg](https://github.com/brianc/node-postgres/tree/HEAD/packages/pg) | `8.20.0` | `8.21.0` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.14` | `8.5.15` |\n| [react-hook-form](https://github.com/react-hook-form/react-hook-form) | `7.75.0` | `7.76.1` |\n| [tsx](https://github.com/privatenumber/tsx) | `4.21.0` | `4.22.3` |\n| [uuid](https://github.com/uuidjs/uuid) | `9.0.1` | `14.0.0` |\n| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.6` | `4.1.7` |\n\n\nUpdates `oxlint-tsgolint` from 0.22.1 to 0.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/oxc-project/tsgolint/releases\"\u003eoxlint-tsgolint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): update crate-ci/typos action to v1.45.2 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/915\"\u003eoxc-project/tsgolint#915\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add skill for upgrading typescript-go by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/918\"\u003eoxc-project/tsgolint#918\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update pnpm to v10.33.2 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/921\"\u003eoxc-project/tsgolint#921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update typescript-go submodule by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/922\"\u003eoxc-project/tsgolint#922\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: attach tsconfig path to diagnostics by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/923\"\u003eoxc-project/tsgolint#923\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(prefer-nullish-coalescing): parenthesize mixed logical fixes by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/924\"\u003eoxc-project/tsgolint#924\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etests(return-await): cover non-async arrow functions by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/926\"\u003eoxc-project/tsgolint#926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update github.com/go-json-experiment/json digest to b6187a3 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/927\"\u003eoxc-project/tsgolint#927\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update github actions by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/928\"\u003eoxc-project/tsgolint#928\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update crate-ci/typos action to v1.46.0 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/929\"\u003eoxc-project/tsgolint#929\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update module github.com/dlclark/regexp2 to v2 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/930\"\u003eoxc-project/tsgolint#930\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update typescript-go submodule by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/931\"\u003eoxc-project/tsgolint#931\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update typescript-go digest to 48e2953 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/933\"\u003eoxc-project/tsgolint#933\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update typescript-go digest to 5eb880f by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/936\"\u003eoxc-project/tsgolint#936\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(no-misused-promises): handle empty JSX attributes by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/938\"\u003eoxc-project/tsgolint#938\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(no-unsafe-enum-comparison): flag string literal unions by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/937\"\u003eoxc-project/tsgolint#937\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update typescript-go digest to e1f8f97 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/939\"\u003eoxc-project/tsgolint#939\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update typescript-go digest to 092b34f by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/940\"\u003eoxc-project/tsgolint#940\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: configure typescript-go renovate schedule by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/941\"\u003eoxc-project/tsgolint#941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update github actions by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/945\"\u003eoxc-project/tsgolint#945\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency dprint-typescript to v0.96.0 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/947\"\u003eoxc-project/tsgolint#947\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update gomod by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/946\"\u003eoxc-project/tsgolint#946\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update crate-ci/typos action to v1.46.1 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/948\"\u003eoxc-project/tsgolint#948\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(prefer-nullish-coalescing): emit suggestion over fix by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/951\"\u003eoxc-project/tsgolint#951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update packageManager to pnpm 11.0.4 by \u003ca href=\"https://github.com/Boshen\"\u003e\u003ccode\u003e@​Boshen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/953\"\u003eoxc-project/tsgolint#953\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update typescript-go submodule by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/955\"\u003eoxc-project/tsgolint#955\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(no-nullable-type-assertion-style): use suggestion instead of fix by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/956\"\u003eoxc-project/tsgolint#956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update Go version requirement to 1.26 in CONTRIBUTING.md. by \u003ca href=\"https://github.com/connorshea\"\u003e\u003ccode\u003e@​connorshea\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/957\"\u003eoxc-project/tsgolint#957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: allow safe promise intersection members by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/959\"\u003eoxc-project/tsgolint#959\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: switch security workflow to ubuntu-latest by \u003ca href=\"https://github.com/Boshen\"\u003e\u003ccode\u003e@​Boshen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/962\"\u003eoxc-project/tsgolint#962\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency vitest to v4.1.6 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/963\"\u003eoxc-project/tsgolint#963\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update module github.com/dlclark/regexp2/v2 to v2.0.3 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/964\"\u003eoxc-project/tsgolint#964\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency dprint-markdown to v0.22.0 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/965\"\u003eoxc-project/tsgolint#965\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update github actions by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/966\"\u003eoxc-project/tsgolint#966\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf(no-unnecessary-type-parameters): stop counting settled candidates by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/967\"\u003eoxc-project/tsgolint#967\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add \u003ccode\u003edprint\u003c/code\u003e to pnpm \u003ccode\u003eallowBuilds\u003c/code\u003e by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/968\"\u003eoxc-project/tsgolint#968\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/oxc-project/tsgolint/compare/v0.22.1...v0.23.0\"\u003ehttps://github.com/oxc-project/tsgolint/compare/v0.22.1...v0.23.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/oxc-project/tsgolint/commit/0e575fae8407227601f66c1d8d8927a535aea58b\"\u003e\u003ccode\u003e0e575fa\u003c/code\u003e\u003c/a\u003e chore: add \u003ccode\u003edprint\u003c/code\u003e to pnpm \u003ccode\u003eallowBuilds\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/issues/968\"\u003e#968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/oxc-project/tsgolint/commit/bb8886bef7ae76cf3280852228a05214c54f2a83\"\u003e\u003ccode\u003ebb8886b\u003c/code\u003e\u003c/a\u003e perf(no-unnecessary-type-parameters): stop counting settled candidates (\u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/issues/967\"\u003e#967\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/oxc-project/tsgolint/commit/90be7b2609efd2bcae290b09e4835fe9ae52c63e\"\u003e\u003ccode\u003e90be7b2\u003c/code\u003e\u003c/a\u003e chore(deps): update github actions (\u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/issues/966\"\u003e#966\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/oxc-project/tsgolint/commit/cdae358c525a9a93ab48af36b51ae2a6c740830d\"\u003e\u003ccode\u003ecdae358\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency dprint-markdown to v0.22.0 (\u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/issues/965\"\u003e#965\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/oxc-project/tsgolint/commit/d356c9e3d66d0b4fbe1b7353fcf5b8f857d6ed80\"\u003e\u003ccode\u003ed356c9e\u003c/code\u003e\u003c/a\u003e chore(deps): update module github.com/dlclark/regexp2/v2 to v2.0.3 (\u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/issues/964\"\u003e#964\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/oxc-project/tsgolint/commit/7cba6be4c0d972578d14e52c7a454a0a15961727\"\u003e\u003ccode\u003e7cba6be\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency vitest to v4.1.6 (\u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/issues/963\"\u003e#963\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/oxc-project/tsgolint/commit/1dcd2a6f4138f4b9a273a231def838995ac589e5\"\u003e\u003ccode\u003e1dcd2a6\u003c/code\u003e\u003c/a\u003e ci: switch security workflow to ubuntu-latest (\u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/issues/962\"\u003e#962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/oxc-project/tsgolint/commit/b4f66246a62ea03d7cd664bf940d2f978c2068d5\"\u003e\u003ccode\u003eb4f6624\u003c/code\u003e\u003c/a\u003e fix: allow safe promise intersection members (\u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/issues/959\"\u003e#959\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/oxc-project/tsgolint/commit/233eeb35db9d698db67c4d4247963047ceb30fb7\"\u003e\u003ccode\u003e233eeb3\u003c/code\u003e\u003c/a\u003e docs: Update Go version requirement to 1.26 in CONTRIBUTING.md. (\u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/issues/957\"\u003e#957\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/oxc-project/tsgolint/commit/8bd37abc596e5dd0d54ec6625b6c2a77922b7ca4\"\u003e\u003ccode\u003e8bd37ab\u003c/code\u003e\u003c/a\u003e fix(no-nullable-type-assertion-style): use suggestion instead of fix (\u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/issues/956\"\u003e#956\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/oxc-project/tsgolint/compare/v0.22.1...v0.23.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fumadocs-core` from 16.8.11 to 16.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fuma-nama/fumadocs/releases\"\u003efumadocs-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003efumadocs-core@16.9.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ee77b9b3: Introduce \u003ccode\u003epagesIndex\u003c/code\u003e property to explicitly define the index page for folder\u003c/li\u003e\n\u003cli\u003e334c8fd: [i18n] support different orders of \u003ccode\u003epreset()\u003c/code\u003e calls\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003efumadocs-core@16.8.12\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e768b676: Standardize \u003ccode\u003estructuredData\u003c/code\u003e in page data\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/4aa30828a14af31d5dc31fcccf0419159badaf39\"\u003e\u003ccode\u003e4aa3082\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3301\"\u003e#3301\u003c/a\u003e from fuma-nama/changeset-release/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/e77b9b3dea6e6071b72ab558382b046d7f78e10b\"\u003e\u003ccode\u003ee77b9b3\u003c/code\u003e\u003c/a\u003e feat(core): Introduce \u003ccode\u003epagesIndex\u003c/code\u003e property to explicitly define the index pa...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/dca5b4992926dcde9f204490a28799bb9b6f8a8c\"\u003e\u003ccode\u003edca5b49\u003c/code\u003e\u003c/a\u003e fix(mdx): fix compatibility with \u003ccode\u003e?raw\u003c/code\u003e query string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/334c8fd19014eeae36cafb38ce8794818ce95083\"\u003e\u003ccode\u003e334c8fd\u003c/code\u003e\u003c/a\u003e feat(core): support different orders of \u003ccode\u003epreset()\u003c/code\u003e calls\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/bbf936c0203869affd855293f1a44850c8b90620\"\u003e\u003ccode\u003ebbf936c\u003c/code\u003e\u003c/a\u003e docs: introduce i18n support for story\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/07a06b41a7b00c31b909adca8011217dbecdae5a\"\u003e\u003ccode\u003e07a06b4\u003c/code\u003e\u003c/a\u003e chore: use Waku for stackblitz example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/97c9ad305e8a61576b25b724e56272f7b85bee73\"\u003e\u003ccode\u003e97c9ad3\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/da4d897c8d9357d574eebdc1fa9ac92e382ad9a0\"\u003e\u003ccode\u003eda4d897\u003c/code\u003e\u003c/a\u003e fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/5a5e5c8a504f3673ee5174c347f8cf2226ce6d13\"\u003e\u003ccode\u003e5a5e5c8\u003c/code\u003e\u003c/a\u003e add separate example for demo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/e4710be8663c7f1695a30efbf6f42e8a2cbf7fec\"\u003e\u003ccode\u003ee4710be\u003c/code\u003e\u003c/a\u003e Docs: introduce new i18n API\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fuma-nama/fumadocs/compare/fumadocs-core@16.8.11...fumadocs-core@16.9.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fumadocs-mdx` from 15.0.4 to 15.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fuma-nama/fumadocs/releases\"\u003efumadocs-mdx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003efumadocs-mdx@15.0.8\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edca5b49: Fix compatibility with \u003ccode\u003e?raw\u003c/code\u003e query string\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [e77b9b3]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [334c8fd]\n\u003cul\u003e\n\u003cli\u003efumadocs-core@16.9.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003efumadocs-mdx@15.0.7\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e768b676: Standardize \u003ccode\u003estructuredData\u003c/code\u003e in page data\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [768b676]\n\u003cul\u003e\n\u003cli\u003efumadocs-core@16.8.12\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003efumadocs-mdx@15.0.6\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eda4a81a: Update vite configs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003efumadocs-mdx@15.0.5\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1fb6a61: Support custom base directory for content sources\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/4aa30828a14af31d5dc31fcccf0419159badaf39\"\u003e\u003ccode\u003e4aa3082\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3301\"\u003e#3301\u003c/a\u003e from fuma-nama/changeset-release/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/e77b9b3dea6e6071b72ab558382b046d7f78e10b\"\u003e\u003ccode\u003ee77b9b3\u003c/code\u003e\u003c/a\u003e feat(core): Introduce \u003ccode\u003epagesIndex\u003c/code\u003e property to explicitly define the index pa...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/dca5b4992926dcde9f204490a28799bb9b6f8a8c\"\u003e\u003ccode\u003edca5b49\u003c/code\u003e\u003c/a\u003e fix(mdx): fix compatibility with \u003ccode\u003e?raw\u003c/code\u003e query string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/334c8fd19014eeae36cafb38ce8794818ce95083\"\u003e\u003ccode\u003e334c8fd\u003c/code\u003e\u003c/a\u003e feat(core): support different orders of \u003ccode\u003epreset()\u003c/code\u003e calls\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/bbf936c0203869affd855293f1a44850c8b90620\"\u003e\u003ccode\u003ebbf936c\u003c/code\u003e\u003c/a\u003e docs: introduce i18n support for story\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/07a06b41a7b00c31b909adca8011217dbecdae5a\"\u003e\u003ccode\u003e07a06b4\u003c/code\u003e\u003c/a\u003e chore: use Waku for stackblitz example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/97c9ad305e8a61576b25b724e56272f7b85bee73\"\u003e\u003ccode\u003e97c9ad3\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/da4d897c8d9357d574eebdc1fa9ac92e382ad9a0\"\u003e\u003ccode\u003eda4d897\u003c/code\u003e\u003c/a\u003e fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/5a5e5c8a504f3673ee5174c347f8cf2226ce6d13\"\u003e\u003ccode\u003e5a5e5c8\u003c/code\u003e\u003c/a\u003e add separate example for demo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/e4710be8663c7f1695a30efbf6f42e8a2cbf7fec\"\u003e\u003ccode\u003ee4710be\u003c/code\u003e\u003c/a\u003e Docs: introduce new i18n API\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fuma-nama/fumadocs/compare/fumadocs-mdx@15.0.4...fumadocs-mdx@15.0.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fumadocs-ui` from 16.8.11 to 16.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fuma-nama/fumadocs/releases\"\u003efumadocs-ui's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003efumadocs-ui@16.9.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [e77b9b3]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [334c8fd]\n\u003cul\u003e\n\u003cli\u003efumadocs-core@16.9.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003efumadocs-ui@16.8.12\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [768b676]\n\u003cul\u003e\n\u003cli\u003efumadocs-core@16.8.12\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/4aa30828a14af31d5dc31fcccf0419159badaf39\"\u003e\u003ccode\u003e4aa3082\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3301\"\u003e#3301\u003c/a\u003e from fuma-nama/changeset-release/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/e77b9b3dea6e6071b72ab558382b046d7f78e10b\"\u003e\u003ccode\u003ee77b9b3\u003c/code\u003e\u003c/a\u003e feat(core): Introduce \u003ccode\u003epagesIndex\u003c/code\u003e property to explicitly define the index pa...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/dca5b4992926dcde9f204490a28799bb9b6f8a8c\"\u003e\u003ccode\u003edca5b49\u003c/code\u003e\u003c/a\u003e fix(mdx): fix compatibility with \u003ccode\u003e?raw\u003c/code\u003e query string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/334c8fd19014eeae36cafb38ce8794818ce95083\"\u003e\u003ccode\u003e334c8fd\u003c/code\u003e\u003c/a\u003e feat(core): support different orders of \u003ccode\u003epreset()\u003c/code\u003e calls\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/bbf936c0203869affd855293f1a44850c8b90620\"\u003e\u003ccode\u003ebbf936c\u003c/code\u003e\u003c/a\u003e docs: introduce i18n support for story\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/07a06b41a7b00c31b909adca8011217dbecdae5a\"\u003e\u003ccode\u003e07a06b4\u003c/code\u003e\u003c/a\u003e chore: use Waku for stackblitz example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/97c9ad305e8a61576b25b724e56272f7b85bee73\"\u003e\u003ccode\u003e97c9ad3\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/da4d897c8d9357d574eebdc1fa9ac92e382ad9a0\"\u003e\u003ccode\u003eda4d897\u003c/code\u003e\u003c/a\u003e fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/5a5e5c8a504f3673ee5174c347f8cf2226ce6d13\"\u003e\u003ccode\u003e5a5e5c8\u003c/code\u003e\u003c/a\u003e add separate example for demo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/e4710be8663c7f1695a30efbf6f42e8a2cbf7fec\"\u003e\u003ccode\u003ee4710be\u003c/code\u003e\u003c/a\u003e Docs: introduce new i18n API\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fuma-nama/fumadocs/compare/fumadocs-ui@16.8.11...fumadocs-ui@16.9.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/node` from 25.8.0 to 25.9.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/react` from 19.2.14 to 19.2.15\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-email` from 6.1.4 to 6.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/resend/react-email/releases\"\u003ereact-email's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ereact-email@6.3.3\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ereact-email@6.3.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efbda5c8: increase whitespace padding to 200 characters for better Gmail preview text rendering\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ereact-email@6.3.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec610dc0: fix: padding in Container/Section failing on Klaviyo and Outlook desktop\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ereact-email@6.3.0\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ereact-email@6.2.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e192d82a: Add \u003ccode\u003etheme\u003c/code\u003e and \u003ccode\u003eutility\u003c/code\u003e props to \u003ccode\u003e\u0026lt;Tailwind\u0026gt;\u003c/code\u003e for Tailwind v4 CSS-first configuration. Both accept a CSS string and can be combined with the existing \u003ccode\u003econfig\u003c/code\u003e prop.\u003c/p\u003e\n\u003cpre lang=\"tsx\"\u003e\u003ccode\u003eimport themeCss from \u0026quot;./theme.css?inline\u0026quot;;\n\u003cp\u003e\u0026lt;Tailwind theme={themeCss}\u0026gt;\u003cbr /\u003e\n\u0026lt;div className=\u0026quot;bg-brand font-display\u0026quot;\u0026gt;Custom themed content\u0026lt;/div\u0026gt;\u003cbr /\u003e\n\u0026lt;/Tailwind\u0026gt;;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eEmpty strings are no-ops. The base Tailwind theme and utilities are still loaded — \u003ccode\u003etheme\u003c/code\u003e and \u003ccode\u003eutility\u003c/code\u003e layer on top.\u003c/p\u003e\n\u003cp\u003eThe preview server, \u003ccode\u003eemail export\u003c/code\u003e, and the caniemail compatibility check all understand the Vite-style \u003ccode\u003e?inline\u003c/code\u003e and \u003ccode\u003e?raw\u003c/code\u003e suffixes on CSS imports, so the pattern above works the same in your project and inside the preview UI. The compatibility check also extracts the \u003ccode\u003etheme\u003c/code\u003e and \u003ccode\u003eutility\u003c/code\u003e props (in addition to \u003ccode\u003econfig\u003c/code\u003e) when analyzing your template, so any caniemail incompatibilities in CSS produced by those props will surface as warnings.\u003c/p\u003e\n\u003cp\u003eInternal note: the exported \u003ccode\u003esetupTailwind\u003c/code\u003e helper now takes \u003ccode\u003e{ config, cssConfigs }\u003c/code\u003e instead of a positional \u003ccode\u003eTailwindConfig\u003c/code\u003e. Calling it with the old shape throws with a migration hint.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e06f1d05: Watch directories targeted by dynamic \u003ccode\u003eimport()\u003c/code\u003e template literals so changes to runtime-resolved files trigger preview reloads.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ereact-email@6.1.5\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1a61cb0: Avoid OOM when running \u003ccode\u003eemail export\u003c/code\u003e on projects with many templates. esbuild builds now run in batches of 10 entry points, and the render phase runs each batch of 25 templates inside a \u003ccode\u003eworker_threads\u003c/code\u003e worker so V8 isolate memory is reclaimed between batches.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/resend/react-email/blob/canary/packages/react-email/CHANGELOG.md\"\u003ereact-email's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.3.3\u003c/h2\u003e\n\u003ch2\u003e6.3.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efbda5c8: increase whitespace padding to 200 characters for better Gmail preview text rendering\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.3.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec610dc0: fix: padding in Container/Section failing on Klaviyo and Outlook desktop\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.3.0\u003c/h2\u003e\n\u003ch2\u003e6.2.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e192d82a: Add \u003ccode\u003etheme\u003c/code\u003e and \u003ccode\u003eutility\u003c/code\u003e props to \u003ccode\u003e\u0026lt;Tailwind\u0026gt;\u003c/code\u003e for Tailwind v4 CSS-first configuration. Both accept a CSS string and can be combined with the existing \u003ccode\u003econfig\u003c/code\u003e prop.\u003c/p\u003e\n\u003cpre lang=\"tsx\"\u003e\u003ccode\u003eimport themeCss from \u0026quot;./theme.css?inline\u0026quot;;\n\u003cp\u003e\u0026lt;Tailwind theme={themeCss}\u0026gt;\u003cbr /\u003e\n\u0026lt;div className=\u0026quot;bg-brand font-display\u0026quot;\u0026gt;Custom themed content\u0026lt;/div\u0026gt;\u003cbr /\u003e\n\u0026lt;/Tailwind\u0026gt;;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eEmpty strings are no-ops. The base Tailwind theme and utilities are still loaded — \u003ccode\u003etheme\u003c/code\u003e and \u003ccode\u003eutility\u003c/code\u003e layer on top.\u003c/p\u003e\n\u003cp\u003eThe preview server, \u003ccode\u003eemail export\u003c/code\u003e, and the caniemail compatibility check all understand the Vite-style \u003ccode\u003e?inline\u003c/code\u003e and \u003ccode\u003e?raw\u003c/code\u003e suffixes on CSS imports, so the pattern above works the same in your project and inside the preview UI. The compatibility check also extracts the \u003ccode\u003etheme\u003c/code\u003e and \u003ccode\u003eutility\u003c/code\u003e props (in addition to \u003ccode\u003econfig\u003c/code\u003e) when analyzing your template, so any caniemail incompatibilities in CSS produced by those props will surface as warnings.\u003c/p\u003e\n\u003cp\u003eInternal note: the exported \u003ccode\u003esetupTailwind\u003c/code\u003e helper now takes \u003ccode\u003e{ config, cssConfigs }\u003c/code\u003e instead of a positional \u003ccode\u003eTailwindConfig\u003c/code\u003e. Calling it with the old shape throws with a migration hint.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e06f1d05: Watch directories targeted by dynamic \u003ccode\u003eimport()\u003c/code\u003e template literals so changes to runtime-resolved files trigger preview reloads.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.1.5\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1a61cb0: Avoid OOM when running \u003ccode\u003eemail export\u003c/code\u003e on projects with many templates. esbuild builds now run in batches of 10 entry points, and the render phase runs each batch of 25 templates inside a \u003ccode\u003eworker_threads\u003c/code\u003e worker so V8 isolate memory is reclaimed between batches.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/react-email/commit/a79acd1f19f4da032ad7c287d78b9ec3dcbb2da0\"\u003e\u003ccode\u003ea79acd1\u003c/code\u003e\u003c/a\u003e chore(root): version packages (\u003ca href=\"https://github.com/resend/react-email/tree/HEAD/packages/react-email/issues/3535\"\u003e#3535\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/react-email/commit/7745296a31a7d463a170c7f3f8dc3f70a69a24ae\"\u003e\u003ccode\u003e7745296\u003c/code\u003e\u003c/a\u003e chore(root): version packages (\u003ca href=\"https://github.com/resend/react-email/tree/HEAD/packages/react-email/issues/3533\"\u003e#3533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/react-email/commit/fbda5c8a2b0671e5725d29f37025c737fec7d5ef\"\u003e\u003ccode\u003efbda5c8\u003c/code\u003e\u003c/a\u003e fix(preview): increase whitespace padding to 200 chars for Gmail (\u003ca href=\"https://github.com/resend/react-email/tree/HEAD/packages/react-email/issues/3100\"\u003e#3100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/react-email/commit/f52257156d9ca7b003527108ee742e65d39dd3fd\"\u003e\u003ccode\u003ef522571\u003c/code\u003e\u003c/a\u003e chore(root): version packages (\u003ca href=\"https://github.com/resend/react-email/tree/HEAD/packages/react-email/issues/3530\"\u003e#3530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/react-email/commit/c610dc0d5efec749d5d96ac7d578ea4b217da226\"\u003e\u003ccode\u003ec610dc0\u003c/code\u003e\u003c/a\u003e fix: padding in Container/Section failing on Klavyio and Outlook (\u003ca href=\"https://github.com/resend/react-email/tree/HEAD/packages/react-email/issues/2257\"\u003e#2257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/react-email/commit/556d7904c8461a9bc5138f15e9a20d599ef8e6db\"\u003e\u003ccode\u003e556d790\u003c/code\u003e\u003c/a\u003e chore(root): version packages (\u003ca href=\"https://github.com/resend/react-email/tree/HEAD/packages/react-email/issues/3527\"\u003e#3527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/react-email/commit/6c4af8c25e1e461b1666838cf587ee74ee29be7c\"\u003e\u003ccode\u003e6c4af8c\u003c/code\u003e\u003c/a\u003e chore(root): version packages (\u003ca href=\"https://github.com/resend/react-email/tree/HEAD/packages/react-email/issues/3522\"\u003e#3522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/react-email/commit/06f1d05faa53cf525f59409bfc0c586390328dcc\"\u003e\u003ccode\u003e06f1d05\u003c/code\u003e\u003c/a\u003e feat(react-email): hot reloading around dynamic import (\u003ca href=\"https://github.com/resend/react-email/tree/HEAD/packages/react-email/issues/3422\"\u003e#3422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/react-email/commit/192d82afd8d05ba30a0c094bff7edc0be56d3258\"\u003e\u003ccode\u003e192d82a\u003c/code\u003e\u003c/a\u003e feat(tailwind): add css configs to \u003ccode\u003eTaliwind\u003c/code\u003e component (\u003ca href=\"https://github.com/resend/react-email/tree/HEAD/packages/react-email/issues/2926\"\u003e#2926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/react-email/commit/549d95cda58f530df826c2cba033efdaea2e3b61\"\u003e\u003ccode\u003e549d95c\u003c/code\u003e\u003c/a\u003e chore(root): version packages (\u003ca href=\"https://github.com/resend/react-email/tree/HEAD/packages/react-email/issues/3519\"\u003e#3519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/resend/react-email/commits/react-email@6.3.3/packages/react-email\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tanstack/react-query` from 5.100.10 to 5.100.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TanStack/query/releases\"\u003e@​tanstack/react-query's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/ed20b6d7541c908033acfcad92b0cd112930d1c3\"\u003e\u003ccode\u003eed20b6d\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-next-experimental\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/ed20b6d7541c908033acfcad92b0cd112930d1c3\"\u003e\u003ccode\u003eed20b6d\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-persist-client\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/ed20b6d7541c908033acfcad92b0cd112930d1c3\"\u003e\u003ccode\u003eed20b6d\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-persist-client-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix(react-query): do not go into optimistic fetching state when not subscribed (\u003ca href=\"https://redirect.github.com/TanStack/query/pull/10759\"\u003e#10759\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies []:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-next-experimental\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-persist-client\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-persist-client-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TanStack/query/blob/main/packages/react-query/CHANGELOG.md\"\u003e@​tanstack/react-query's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix(react-query): do not go into optimistic fetching state when not subscribed (\u003ca href=\"https://redirect.github.com/TanStack/query/pull/10759\"\u003e#10759\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies []:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.13\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/d423168f6261a5cb3d353e53b27c8150cc271151\"\u003e\u003ccode\u003ed423168\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.12\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.12\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.11\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.11\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/TanStack/query/commits/@tanstack/react-query@5.100.14/packages/react-query\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@scalar/hono-api-reference` from 0.10.14 to 0.10.19\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/scalar/scalar/blob/main/integrations/hono/CHANGELOG.md\"\u003e@​scalar/hono-api-reference's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.10.19\u003c/h2\u003e\n\u003ch2\u003e0.10.18\u003c/h2\u003e\n\u003ch2\u003e0.10.17\u003c/h2\u003e\n\u003ch2\u003e0.10.16\u003c/h2\u003e\n\u003ch2\u003e0.10.15\u003c/h2\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/scalar/scalar/commits/HEAD/integrations/hono\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nodemailer` from 8.0.7 to 8.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/releases\"\u003enodemailer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.7...v8.0.8\"\u003e8.0.8\u003c/a\u003e (2026-05-23)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eenforce strict TLS for OAuth2 and Ethereal credential requests (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1818\"\u003e#1818\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/833d6e58c8b717962bbb1b23e16923cd267c3bc9\"\u003e833d6e5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efour listener/stream leaks in SMTP transport, connection, pool (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1817\"\u003e#1817\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/850bb91bff7707ed498c1424df01c4e5b30ea14b\"\u003e850bb91\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md\"\u003enodemailer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.7...v8.0.8\"\u003e8.0.8\u003c/a\u003e (2026-05-23)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eenforce strict TLS for OAuth2 and Ethereal credential requests (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1818\"\u003e#1818\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/833d6e58c8b717962bbb1b23e16923cd267c3bc9\"\u003e833d6e5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efour listener/stream leaks in SMTP transport, connection, pool (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1817\"\u003e#1817\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/850bb91bff7707ed498c1424df01c4e5b30ea14b\"\u003e850bb91\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/15138a84c543c20aa399218534cdbbfa2ea1ce55\"\u003e\u003ccode\u003e15138a8\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.8 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1819\"\u003e#1819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/850bb91bff7707ed498c1424df01c4e5b30ea14b\"\u003e\u003ccode\u003e850bb91\u003c/code\u003e\u003c/a\u003e fix: four listener/stream leaks in SMTP transport, connection, pool (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1817\"\u003e#1817\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/833d6e58c8b717962bbb1b23e16923cd267c3bc9\"\u003e\u003ccode\u003e833d6e5\u003c/code\u003e\u003c/a\u003e fix: enforce strict TLS for OAuth2 and Ethereal credential requests (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1818\"\u003e#1818\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.7...v8.0.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `resend` from 6.12.3 to 6.12.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/resend/resend-node/releases\"\u003eresend's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.12.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(deps): update dependency next to v16.2.6 [security] by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/957\"\u003eresend/resend-node#957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(dev-660): harden github actions workflows by \u003ca href=\"https://github.com/felipefreitag\"\u003e\u003ccode\u003e@​felipefreitag\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/959\"\u003eresend/resend-node#959\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add sync-prs-to-linear action by \u003ca href=\"https://github.com/dielduarte\"\u003e\u003ccode\u003e@​dielduarte\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/961\"\u003eresend/resend-node#961\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: rename misnamed \u003ccode\u003eget-contact.interface.ts\u003c/code\u003e to \u003ccode\u003eget-topic.interface.ts\u003c/code\u003e in topics module by \u003ca href=\"https://github.com/wesleyramalho\"\u003e\u003ccode\u003e@​wesleyramalho\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/903\"\u003eresend/resend-node#903\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: avoid mutating payloads in emails, broadcasts, and templates by \u003ca href=\"https://github.com/Shubhdeep12\"\u003e\u003ccode\u003e@​Shubhdeep12\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/862\"\u003eresend/resend-node#862\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add optional baseUrl and userAgent to Resend constructor by \u003ca href=\"https://github.com/xiaoyu2er\"\u003e\u003ccode\u003e@​xiaoyu2er\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/839\"\u003eresend/resend-node#839\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump public-shared-workflows hash by \u003ca href=\"https://github.com/dielduarte\"\u003e\u003ccode\u003e@​dielduarte\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/965\"\u003eresend/resend-node#965\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump public-shared-workflows hash by \u003ca href=\"https://github.com/dielduarte\"\u003e\u003ccode\u003e@​dielduarte\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/966\"\u003eresend/resend-node#966\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: align \u003ccode\u003edelete\u003c/code\u003e method with other HTTP methods in Resend class by \u003ca href=\"https://github.com/wesleyramalho\"\u003e\u003ccode\u003e@​wesleyramalho\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/904\"\u003eresend/resend-node#904\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: to support \u003ccode\u003e@​react-email/render\u003c/code\u003e exports across versions in templates by \u003ca href=\"https://github.com/Shubhdeep12\"\u003e\u003ccode\u003e@​Shubhdeep12\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/863\"\u003eresend/resend-node#863\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: replace svix with standardwebhooks to reduce install size (\u003ca href=\"https://redirect.github.com/resend/resend-node/issues/969\"\u003e#969\u003c/a\u003e) by \u003ca href=\"https://github.com/dielduarte\"\u003e\u003ccode\u003e@​dielduarte\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/970\"\u003eresend/resend-node#970\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 6.12.4 by \u003ca href=\"https://github.com/dielduarte\"\u003e\u003ccode\u003e@​dielduarte\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/971\"\u003eresend/resend-node#971\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/resend/resend-node/compare/v6.12.3...v6.12.4\"\u003ehttps://github.com/resend/resend-node/compare/v6.12.3...v6.12.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/resend-node/commit/58db880a67575d9231bcbc5cae9c438793698f05\"\u003e\u003ccode\u003e58db880\u003c/code\u003e\u003c/a\u003e chore: bump version to 6.12.4 (\u003ca href=\"https://redirect.github.com/resend/resend-node/issues/971\"\u003e#971\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/resend-node/commit/63f5ddb8fc0d35fa590e27f7ca4d69d3051969db\"\u003e\u003ccode\u003e63f5ddb\u003c/code\u003e\u003c/a\u003e fix: replace svix with standardwebhooks to reduce install size (\u003ca href=\"https://redirect.github.com/resend/resend-node/issues/969\"\u003e#969\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/resend/resend-node/issues/970\"\u003e#970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/resend-node/commit/45dc73dae27646930d460d52de7528640ba9fb8e\"\u003e\u003ccode\u003e45dc73d\u003c/code\u003e\u003c/a\u003e fix: to support \u003ccode\u003e@​react-email/render\u003c/code\u003e exports across versions in templates (\u003ca href=\"https://redirect.github.com/resend/resend-node/issues/863\"\u003e#863\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/resend-node/commit/24950d7aa54bf19d929fe26e63557611411938cb\"\u003e\u003ccode\u003e24950d7\u003c/code\u003e\u003c/a\u003e refactor: align \u003ccode\u003edelete\u003c/code\u003e method with other HTTP methods in Resend class (\u003ca href=\"https://redirect.github.com/resend/resend-node/issues/904\"\u003e#904\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/resend-node/commit/2759316719f54e602dbf3d0b1fa58703f52b79c0\"\u003e\u003ccode\u003e2759316\u003c/code\u003e\u003c/a\u003e chore: bump public-shared-workflows hash (\u003ca href=\"https://redirect.github.com/resend/resend-node/issues/966\"\u003e#966\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/resend-node/commit/fa04efcf72a2c1d89a6530ee14ce08986a4c1a08\"\u003e\u003ccode\u003efa04efc\u003c/code\u003e\u003c/a\u003e chore: bump public-shared-workflows hash (\u003ca href=\"https://redirect.github.com/resend/resend-node/issues/965\"\u003e#965\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/resend-node/commit/77bbf2d63285a1e527fe3fc85493235a6131d084\"\u003e\u003ccode\u003e77bbf2d\u003c/code\u003e\u003c/a\u003e feat: add optional baseUrl and userAgent to Resend constructor (\u003ca href=\"https://redirect.github.com/resend/resend-node/issues/839\"\u003e#839\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/resend-node/commit/ebdb2d3f1ad3880ed81e4bb437796577e3e2ab6b\"\u003e\u003ccode\u003eebdb2d3\u003c/code\u003e\u003c/a\u003e fix: avoid mutating payloads in emails, broadcasts, and templates (\u003ca href=\"https://redirect.github.com/resend/resend-node/issues/862\"\u003e#862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/resend-node/commit/674ab1bf6c09ddc1942d317a9e2939692fd32340\"\u003e\u003ccode\u003e674ab1b\u003c/code\u003e\u003c/a\u003e fix: rename misnamed \u003ccode\u003eget-contact.interface.ts\u003c/code\u003e to \u003ccode\u003eget-topic.interface.ts\u003c/code\u003e i...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/resend-node/commit/ac0c09ffc9dde924b5b147b8767c1b5e636778f6\"\u003e\u003ccode\u003eac0c09f\u003c/code\u003e\u003c/a\u003e chore: add sync-prs-to-linear action (\u003ca href=\"https://redirect.github.com/resend/resend-node/issues/961\"\u003e#961\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/resend/resend-node/compare/v6.12.3...v6.12.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~dielduarte\"\u003edielduarte\u003c/a\u003e, a new releaser for resend since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dodopayments` from 2.31.2 to 2.32.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/releases\"\u003edodopayments's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003ch2\u003e2.32.0 (2026-05-21)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/compare/v2.31.2...v2.32.0\"\u003ev2.31.2...v2.32.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e fixed a breaking modal change (\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/2ebadfd83adf32d8d27793242ddcc0c11472c30c\"\u003e2ebadfd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e stainless fixes (\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/de22d45d43fcd8111f7df9f9e32dcc41aee49799\"\u003ede22d45\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e updated openapi spec to v1.99.0 and added missing endpoints as well (\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/355bcff595128ea31846c905ca88c120e0f80d6c\"\u003e355bcff\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypescript:\u003c/strong\u003e upgrade tsc-multi so that it works with Node 26 (\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/a8a2dbeed8f84ad36f4b88b8ff96220502a98b15\"\u003ea8a2dbe\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etests:\u003c/strong\u003e remove redundant File import (\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/3713e1b86140cc3a495c9d9b09f2e6c7cffe01e5\"\u003e3713e1b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/blob/main/CHANGELOG.md\"\u003edodopayments's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.0 (2026-05-21)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/compare/v2.31.2...v2.32.0\"\u003ev2.31.2...v2.32.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e fixed a breaking modal change (\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/2ebadfd83adf32d8d27793242ddcc0c11472c30c\"\u003e2ebadfd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e stainless fixes (\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/de22d45d43fcd8111f7df9f9e32dcc41aee49799\"\u003ede22d45\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e updated openapi spec to v1.99.0 and added missing endpoints as well (\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/355bcff595128ea31846c905ca88c120e0f80d6c\"\u003e355bcff\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypescript:\u003c/strong\u003e upgrade tsc-multi so that it works with Node 26 (\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/a8a2dbeed8f84ad36f4b88b8ff96220502a98b15\"\u003ea8a2dbe\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etests:\u003c/strong\u003e remove redundant File import (\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/3713e1b86140cc3a495c9d9b09f2e6c7cffe01e5\"\u003e3713e1b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/37c566db9f2eba45426948fe19877111aff8f568\"\u003e\u003ccode\u003e37c566d\u003c/code\u003e\u003c/a\u003e release: 2.32.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/f2af7cc1fe5f4f6aef6766c1d04ccb7361730cda\"\u003e\u003ccode\u003ef2af7cc\u003c/code\u003e\u003c/a\u003e feat(api): fixed a breaking modal change\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/b97362418da21adf6606f602cc4c5f73186317a1\"\u003e\u003ccode\u003eb973624\u003c/code\u003e\u003c/a\u003e feat(api): updated openapi spec to v1.99.0 and added missing endpoints as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/f782c9582aec95ff95bfc9569644d0366adcf9ec\"\u003e\u003ccode\u003ef782c95\u003c/code\u003e\u003c/a\u003e fix(typescript): upgrade tsc-multi so that it works with Node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/d44c384b4df7e0834e02e66980bfbfcb153faef8\"\u003e\u003ccode\u003ed44c384\u003c/code\u003e\u003c/a\u003e chore(tests): remove redundant File import\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/d5d7df81be4b90c00fb930d4e3379528de69a899\"\u003e\u003ccode\u003ed5d7df8\u003c/code\u003e\u003c/a\u003e feat(api): stainless fixes\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/compare/v2.31.2...v2.32.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@ai-sdk/anthropic` from 3.0.77 to 3.0.79\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/releases\"\u003e@​ai-sdk/anthropic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/anthropic\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.79\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed61a788: Handle errors from anthropic websearch tool\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/@ai-sdk/anthropic@3.0.79/packages/anthropic/CHANGELOG.md\"\u003e@​ai-sdk/anthropic's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.79\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed61a788: Handle errors from anthropic websearch tool\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.78\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e6e28d25: fix(anthropic): propagate toModelOutput providerOption to anthropic tool results\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/7ebba33ab965b5b26f93705719d76db45089bb3c\"\u003e\u003ccode\u003e7ebba33\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/anthropic/issues/15557\"\u003e#15557\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/d61a788b8faa54b630d5672e71ddd8aecd61f72c\"\u003e\u003ccode\u003ed61a788\u003c/code\u003e\u003c/a\u003e Backport: Handle errors in anthropic's web search tool (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/anthropic/issues/15555\"\u003e#15555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/2e7664bff4294f2f5b21c30136ca24d12c4e9b5c\"\u003e\u003ccode\u003e2e7664b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/anthropic/issues/15315\"\u003e#15315\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/6e28d252ffc4032abcbe78a463807d0af90bbaa7\"\u003e\u003ccode\u003e6e28d25\u003c/code\u003e\u003c/a\u003e Backport: fix(anthropic): propagate toModelOutput providerOption to anthropic...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vercel/ai/commits/@ai-sdk/anthropic@3.0.79/packages/anthropic\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@ai-sdk/openai` from 3.0.63 to 3.0.65\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/releases\"\u003e@​ai-sdk/openai's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/openai\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.65\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eeb52378: fix(openai): skip passing reasoning items when using previous response id\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/@ai-sdk/openai@3.0.65/packages/openai/CHANGELOG.md\"\u003e@​ai-sdk/openai's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.65\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eeb52378: fix(openai): skip passing reasoning items when using previous response id\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.64\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eb7ed8bd: feat(openai): add opt-in pass-through for unsupported file media types\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1a3ec6d76fcc5333ac9b2751f3938cbe918efef2\"\u003e\u003ccode\u003e1a3ec6d\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15513\"\u003e#15513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/eb523789b342aa21742c0a06f531604782820aff\"\u003e\u003ccode\u003eeb52378\u003c/code\u003e\u003c/a\u003e Backport: fix(openai): skip passing reasoning items when using previous respo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/2e7664bff4294f2f5b21c30136ca24d12c4e9b5c\"\u003e\u003ccode\u003e2e7664b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15315\"\u003e#15315\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/b7ed8bdac18d2e71b4c392f08c8d8f03204ca8f4\"\u003e\u003ccode\u003eb7ed8bd\u003c/code\u003e\u003c/a\u003e Backport: feat(openai): add opt-in pass-through for unsupported file media ty...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vercel/ai/commits/@ai-sdk/openai@3.0.65/packages/openai\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@ai-sdk/react` from 3.0.184 to 3.0.193\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/releases\"\u003e@​ai-sdk/react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.193\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.191\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.192\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.190\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.191\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [356c3cf]\n\u003cul\u003e\n\u003cli\u003eai@6.0.189\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.190\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c98715a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.188\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/@ai-sdk/react@3.0.193/packages/react/CHANGELOG.md\"\u003e@​ai-sdk/react's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.193\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.191\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.192\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.190\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.191\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [356c3cf]\n\u003cul\u003e\n\u003cli\u003eai@6.0.189\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.190\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c98715a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.188\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.189\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.187\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.188\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.186\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.187\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.185\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.186\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [40fc5e4]\n\u003cul\u003e\n\u003cli\u003eai@6.0.184\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/0838d52fe657c4f04891b78423fbc636a543851a\"\u003e\u003ccode\u003e0838d52\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15565\"\u003e#15565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1a3ec6d76fcc5333ac9b2751f3938cbe918efef2\"\u003e\u003ccode\u003e1a3ec6d\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15513\"\u003e#15513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/bde7d0ff4882364a94e7aeea8ff2b0a7e89effb4\"\u003e\u003ccode\u003ebde7d0f\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15494\"\u003e#15494\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/93ad540ed13863363ebc0bd5a9c574a082602d27\"\u003e\u003ccode\u003e93ad540\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15489\"\u003e#15489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a15eda90f03049bfba99183b4fd308ca63372b86\"\u003e\u003ccode\u003ea15eda9\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15473\"\u003e#15473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/e33b836af7673d45eb90704574ffae5bdc6ba824\"\u003e\u003ccode\u003ee33b836\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15440\"\u003e#15440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/4a989451c5ef8c1b04d8a91e4e9301dc81708cfa\"\u003e\u003ccode\u003e4a98945\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15406\"\u003e#15406\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/f8d30032da41bdfd1d4c560bb6439dec8021603e\"\u003e\u003ccode\u003ef8d3003\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15356\"\u003e#15356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/2e7664bff4294f2f5b21c30136ca24d12c4e9b5c\"\u003e\u003ccode\u003e2e7664b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15315\"\u003e#15315\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vercel/ai/commits/@ai-sdk/react@3.0.193/packages/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@aws-sdk/client-s3` from 3.1046.0 to 3.1053.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/releases\"\u003e@​aws-sdk/client-s3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1053.0\u003c/h2\u003e\n\u003ch4\u003e3.1053.0(2026-05-22)\u003c/h4\u003e\n\u003ch5\u003eDocumentation Changes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-gameliftstreams:\u003c/strong\u003e  Added new Gen6 stream classes based on the EC2 G6e instance family. These classes are designed for streaming high-fidelity, graphically demanding games and applications that benefit from additional GPU memory and performance. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/bf88fa508bf74c7120202668d66b1657601e0d32\"\u003ebf88fa50\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  update client endpoints as of 2026-05-22 (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/3518814ad7011517e95ba077b4d60b64834dc0f5\"\u003e3518814a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-appconfig:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e757a91539c7e5633896a6165098a1802de3255c\"\u003ee757a915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-repostspace:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/15fec74b7b20e186a9eb70d593819dfa73b7f782\"\u003e15fec74b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ivs-realtime:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/adeea78b85eb00bed1a973b7344ecddbd89345f0\"\u003eadeea78b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-cloudcontrol:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/2e7ef3bf7a1497a06a0ae1cbdfaa6bfa68b6ffe4\"\u003e2e7ef3bf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-tnb:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/f07457cbe17f8f1621475ba0c585363e36aef9d7\"\u003ef07457cb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sso-oidc:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/2e909d25a859634f57fd2cdcd20a760c36bfc42b\"\u003e2e909d25\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-s3vectors:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4071f1a4d21610fb883f2af611b3d69d2922cd5f\"\u003e4071f1a4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-internetmonitor:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/117e04a99f7c58f946947e77b0bc75f87998198e\"\u003e117e04a9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-freetier:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e3cf14a2f64239d4b7c4160fd8c5b95672deb9b6\"\u003ee3cf14a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-oam:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5a30b72248e4f26b10173b2f64c7892d1b963eaa\"\u003e5a30b722\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-forecastquery:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ada5ae322c6b5eb88ba194b1d8715b5d699de1ce\"\u003eada5ae32\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-customer-profiles:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9de89c10330b5641dc0427653815f8131209edca\"\u003e9de89c10\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-migration-hub-refactor-spaces:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/a4e5e7ba8ec707c4bbdf27a7e38425cb9652861c\"\u003ea4e5e7ba\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-controltower:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b99b7a1820b90840d18c8b39edc9a4d10afdf553\"\u003eb99b7a18\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-databrew:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4a1bcdb9123163d275247b25f02845097260fb51\"\u003e4a1bcdb9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-b2bi:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/66bb63d12d590f6e191714b9263affccf478f3b2\"\u003e66bb63d1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-simspaceweaver:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c6617b6d847a27bc7e32bef03c10fb04b227e21f\"\u003ec6617b6d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-emr-containers:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e99cccbde15f31ac18b780138c8f880600e7e516\"\u003ee99cccbd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bcm-recommended-actions:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/45477f0838686bbbd69ad1afbd6b3b7ecda1a1c3\"\u003e45477f08\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-forecast:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5964d82b99f5dd46a92341f85053db135c0d23fc\"\u003e5964d82b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-neptunedata:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/418745d5411b2ff30ffb2c8472d4301f485a71a6\"\u003e418745d5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-qconnect:\u003c/strong\u003e  Added guardrail assessment results to inference spans in the ListSpans API. You can now see which AI Guardrail policies were evaluated, whether content was blocked or masked, and per-policy details for each Bedrock Converse call (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0213a8624e82ca946be41fe8833d460e709d2d2a\"\u003e0213a862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bcm-pricing-calculator:\u003c/strong\u003e  Adding new BDD representation of e...\n\n_Description has been truncated_","html_url":"https://github.com/JulioCout/safe-balance/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/JulioCout%2Fsafe-balance/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"},{"uuid":"4519122795","node_id":"PR_kwDOQXGLpc7fJl1C","number":21,"state":"open","title":"chore(deps)(deps): bump the production-minor-and-patch group across 1 directory with 30 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T19:32:28.000Z","updated_at":"2026-05-25T19:33:41.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)(deps): bump","group_name":"production-minor-and-patch","update_count":30,"packages":[{"name":"@hookform/resolvers","old_version":"5.2.2","new_version":"5.4.0","repository_url":"https://github.com/react-hook-form/resolvers"},{"name":"@sentry/node","old_version":"10.27.0","new_version":"10.53.1","repository_url":"https://github.com/getsentry/sentry-javascript"},{"name":"@supabase/supabase-js","old_version":"2.81.1","new_version":"2.106.2","repository_url":"https://github.com/supabase/supabase-js"},{"name":"@tanstack/react-query","old_version":"5.90.10","new_version":"5.100.14","repository_url":"https://github.com/TanStack/query"},{"name":"@trpc/client","old_version":"11.7.1","new_version":"11.17.0","repository_url":"https://github.com/trpc/trpc"},{"name":"@trpc/react-query","old_version":"11.7.1","new_version":"11.17.0","repository_url":"https://github.com/trpc/trpc"},{"name":"@trpc/server","old_version":"11.12.0","new_version":"11.17.0","repository_url":"https://github.com/trpc/trpc"},{"name":"axios","old_version":"1.13.6","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"cookie","old_version":"1.0.2","new_version":"1.1.1","repository_url":"https://github.com/jshttp/cookie"},{"name":"cron","old_version":"4.3.4","new_version":"4.4.0","repository_url":"https://github.com/kelektiv/node-cron"},{"name":"date-fns","old_version":"4.1.0","new_version":"4.3.0","repository_url":"https://github.com/date-fns/date-fns"},{"name":"dotenv","old_version":"17.2.3","new_version":"17.4.2","repository_url":"https://github.com/motdotla/dotenv"},{"name":"drizzle-orm","old_version":"0.44.7","new_version":"0.45.2","repository_url":"https://github.com/drizzle-team/drizzle-orm"},{"name":"ethers","old_version":"6.15.0","new_version":"6.16.0","repository_url":"https://github.com/ethers-io/ethers.js"},{"name":"express-rate-limit","old_version":"8.3.1","new_version":"8.5.2","repository_url":"https://github.com/express-rate-limit/express-rate-limit"},{"name":"framer-motion","old_version":"12.23.24","new_version":"12.40.0","repository_url":"https://github.com/motiondivision/motion"},{"name":"helmet","old_version":"8.1.0","new_version":"8.2.0","repository_url":"https://github.com/helmetjs/helmet"},{"name":"i18next-browser-languagedetector","old_version":"8.2.0","new_version":"8.2.1","repository_url":"https://github.com/i18next/i18next-browser-languageDetector"},{"name":"jose","old_version":"6.1.0","new_version":"6.2.3","repository_url":"https://github.com/panva/jose"},{"name":"nanoid","old_version":"5.1.6","new_version":"5.1.11","repository_url":"https://github.com/ai/nanoid"},{"name":"pg","old_version":"8.16.3","new_version":"8.21.0","repository_url":"https://github.com/brianc/node-postgres"},{"name":"postgres","old_version":"3.4.7","new_version":"3.4.9","repository_url":"https://github.com/porsager/postgres"},{"name":"react","old_version":"19.2.0","new_version":"19.2.6","repository_url":"https://github.com/facebook/react"},{"name":"react-dom","old_version":"19.2.0","new_version":"19.2.6","repository_url":"https://github.com/facebook/react"},{"name":"react-hook-form","old_version":"7.66.0","new_version":"7.76.1","repository_url":"https://github.com/react-hook-form/react-hook-form"},{"name":"redis","old_version":"5.10.0","new_version":"5.12.1","repository_url":"https://github.com/redis/node-redis"},{"name":"tailwind-merge","old_version":"3.4.0","new_version":"3.6.0","repository_url":"https://github.com/dcastil/tailwind-merge"},{"name":"wouter","old_version":"3.7.1","new_version":"3.10.0","repository_url":"https://github.com/molefrog/wouter"},{"name":"zod","old_version":"4.1.12","new_version":"4.4.3","repository_url":"https://github.com/colinhacks/zod"}],"path":null,"ecosystem":"npm"},"body":"Bumps the production-minor-and-patch group with 29 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@hookform/resolvers](https://github.com/react-hook-form/resolvers) | `5.2.2` | `5.4.0` |\n| [@sentry/node](https://github.com/getsentry/sentry-javascript) | `10.27.0` | `10.53.1` |\n| [@supabase/supabase-js](https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js) | `2.81.1` | `2.106.2` |\n| [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) | `5.90.10` | `5.100.14` |\n| [@trpc/client](https://github.com/trpc/trpc/tree/HEAD/packages/client) | `11.7.1` | `11.17.0` |\n| [@trpc/react-query](https://github.com/trpc/trpc/tree/HEAD/packages/react) | `11.7.1` | `11.17.0` |\n| [@trpc/server](https://github.com/trpc/trpc/tree/HEAD/packages/server) | `11.12.0` | `11.17.0` |\n| [axios](https://github.com/axios/axios) | `1.13.6` | `1.16.1` |\n| [cookie](https://github.com/jshttp/cookie) | `1.0.2` | `1.1.1` |\n| [cron](https://github.com/kelektiv/node-cron) | `4.3.4` | `4.4.0` |\n| [date-fns](https://github.com/date-fns/date-fns) | `4.1.0` | `4.3.0` |\n| [dotenv](https://github.com/motdotla/dotenv) | `17.2.3` | `17.4.2` |\n| [drizzle-orm](https://github.com/drizzle-team/drizzle-orm) | `0.44.7` | `0.45.2` |\n| [ethers](https://github.com/ethers-io/ethers.js) | `6.15.0` | `6.16.0` |\n| [express-rate-limit](https://github.com/express-rate-limit/express-rate-limit) | `8.3.1` | `8.5.2` |\n| [framer-motion](https://github.com/motiondivision/motion) | `12.23.24` | `12.40.0` |\n| [helmet](https://github.com/helmetjs/helmet) | `8.1.0` | `8.2.0` |\n| [i18next-browser-languagedetector](https://github.com/i18next/i18next-browser-languageDetector) | `8.2.0` | `8.2.1` |\n| [jose](https://github.com/panva/jose) | `6.1.0` | `6.2.3` |\n| [nanoid](https://github.com/ai/nanoid) | `5.1.6` | `5.1.11` |\n| [pg](https://github.com/brianc/node-postgres/tree/HEAD/packages/pg) | `8.16.3` | `8.21.0` |\n| [postgres](https://github.com/porsager/postgres) | `3.4.7` | `3.4.9` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.0` | `19.2.6` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.0` | `19.2.6` |\n| [react-hook-form](https://github.com/react-hook-form/react-hook-form) | `7.66.0` | `7.76.1` |\n| [redis](https://github.com/redis/node-redis) | `5.10.0` | `5.12.1` |\n| [tailwind-merge](https://github.com/dcastil/tailwind-merge) | `3.4.0` | `3.6.0` |\n| [wouter](https://github.com/molefrog/wouter) | `3.7.1` | `3.10.0` |\n| [zod](https://github.com/colinhacks/zod) | `4.1.12` | `4.4.3` |\n\n\nUpdates `@hookform/resolvers` from 5.2.2 to 5.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/react-hook-form/resolvers/releases\"\u003e@​hookform/resolvers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.4.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/compare/v5.3.0...v5.4.0\"\u003e5.4.0\u003c/a\u003e (2026-05-21)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add ata-validator resolver (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/845\"\u003e#845\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix issue with toNestErrors.ts (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/848\"\u003e#848\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003eadd guidance on passing context to \u003ccode\u003eyupResolver\u003c/code\u003e (useForm context) (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/835\"\u003e#835\u003c/a\u003e)  (\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/3d2992472adf5735b46b175e22bea82fddf13854\"\u003e3d29924\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/3d2992472adf5735b46b175e22bea82fddf13854\"\u003e\u003ccode\u003e3d29924\u003c/code\u003e\u003c/a\u003e feat: add guidance on passing context to \u003ccode\u003eyupResolver\u003c/code\u003e (useForm context) (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/835\"\u003e#835\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/56b68f3798612601190a533887847d8fef2c94af\"\u003e\u003ccode\u003e56b68f3\u003c/code\u003e\u003c/a\u003e feat: 5.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/cf8562d88ce3a1658676b2ef996347f29e05b3ee\"\u003e\u003ccode\u003ecf8562d\u003c/code\u003e\u003c/a\u003e update readme on ata-validator\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/5e5b6103692fa599ddacca39a03bf707e73a5012\"\u003e\u003ccode\u003e5e5b610\u003c/code\u003e\u003c/a\u003e fix issue with toNestErrors.ts (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/848\"\u003e#848\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/72aacf8604d697a29a1859f8bffccf18adb86add\"\u003e\u003ccode\u003e72aacf8\u003c/code\u003e\u003c/a\u003e Revise supported versions in SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/ad89a20d869f2dc21b905168c5578b3522c01b64\"\u003e\u003ccode\u003ead89a20\u003c/code\u003e\u003c/a\u003e feat: add ata-validator resolver (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/845\"\u003e#845\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/02286db88310fd23e1de61ad880c23e210801813\"\u003e\u003ccode\u003e02286db\u003c/code\u003e\u003c/a\u003e ci: updated publish workflow to use node 24 (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/838\"\u003e#838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/2e9bc7c7d02506d336e20d8c0bae0c479f3662ec\"\u003e\u003ccode\u003e2e9bc7c\u003c/code\u003e\u003c/a\u003e Fix(zodResolver): error paths in complex unions \u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/787\"\u003e#787\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/819\"\u003e#819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/react-hook-form/resolvers/compare/v5.2.2...v5.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@sentry/node` from 10.27.0 to 10.53.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/getsentry/sentry-javascript/releases\"\u003e@​sentry/node's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.53.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(core): Don't gate user data for streamed spans at scope read time (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20827\"\u003e#20827\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(core): Include subpath type shims in published package (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20835\"\u003e#20835\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eref(hono): Consolidate route patching and add clarification comments (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20829\"\u003e#20829\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): Bump next from 15.5.15 to 15.5.18 in /dev-packages/e2e-tests/test-applications/nextjs-15-intl (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20821\"\u003e#20821\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eBundle size 📦\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePath\u003c/th\u003e\n\u003cth\u003eSize\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e\u003c/td\u003e\n\u003ctd\u003e26.22 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e - with treeshaking flags\u003c/td\u003e\n\u003ctd\u003e24.69 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. Tracing)\u003c/td\u003e\n\u003ctd\u003e43.69 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. Tracing + Span Streaming)\u003c/td\u003e\n\u003ctd\u003e45.62 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. Tracing, Profiling)\u003c/td\u003e\n\u003ctd\u003e48.56 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. Tracing, Replay)\u003c/td\u003e\n\u003ctd\u003e82.4 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. Tracing, Replay) - with treeshaking flags\u003c/td\u003e\n\u003ctd\u003e72.08 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. Tracing, Replay with Canvas)\u003c/td\u003e\n\u003ctd\u003e86.99 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. Tracing, Replay, Feedback)\u003c/td\u003e\n\u003ctd\u003e99.33 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. Feedback)\u003c/td\u003e\n\u003ctd\u003e43 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. sendFeedback)\u003c/td\u003e\n\u003ctd\u003e30.92 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. FeedbackAsync)\u003c/td\u003e\n\u003ctd\u003e35.91 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. Metrics)\u003c/td\u003e\n\u003ctd\u003e27.27 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. Logs)\u003c/td\u003e\n\u003ctd\u003e27.42 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. Metrics \u0026amp; Logs)\u003c/td\u003e\n\u003ctd\u003e28.08 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/react\u003c/code\u003e\u003c/td\u003e\n\u003ctd\u003e27.92 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/react\u003c/code\u003e (incl. Tracing)\u003c/td\u003e\n\u003ctd\u003e45.9 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/vue\u003c/code\u003e\u003c/td\u003e\n\u003ctd\u003e31.01 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/vue\u003c/code\u003e (incl. Tracing)\u003c/td\u003e\n\u003ctd\u003e45.5 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/svelte\u003c/code\u003e\u003c/td\u003e\n\u003ctd\u003e26.24 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle\u003c/td\u003e\n\u003ctd\u003e28.55 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Tracing)\u003c/td\u003e\n\u003ctd\u003e46.04 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Logs, Metrics)\u003c/td\u003e\n\u003ctd\u003e29.89 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Tracing, Logs, Metrics)\u003c/td\u003e\n\u003ctd\u003e47.14 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Replay, Logs, Metrics)\u003c/td\u003e\n\u003ctd\u003e68.3 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Tracing, Replay)\u003c/td\u003e\n\u003ctd\u003e82.55 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Tracing, Replay, Logs, Metrics)\u003c/td\u003e\n\u003ctd\u003e83.6 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Tracing, Replay, Feedback)\u003c/td\u003e\n\u003ctd\u003e88.23 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Tracing, Replay, Feedback, Logs, Metrics)\u003c/td\u003e\n\u003ctd\u003e89.3 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle - uncompressed\u003c/td\u003e\n\u003ctd\u003e83.97 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Tracing) - uncompressed\u003c/td\u003e\n\u003ctd\u003e138.12 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Logs, Metrics) - uncompressed\u003c/td\u003e\n\u003ctd\u003e88.07 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Tracing, Logs, Metrics) - uncompressed\u003c/td\u003e\n\u003ctd\u003e141.5 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Replay, Logs, Metrics) - uncompressed\u003c/td\u003e\n\u003ctd\u003e209.97 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md\"\u003e@​sentry/node's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.53.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(core): Don't gate user data for streamed spans at scope read time (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20827\"\u003e#20827\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(core): Include subpath type shims in published package (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20835\"\u003e#20835\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eref(hono): Consolidate route patching and add clarification comments (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20829\"\u003e#20829\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): Bump next from 15.5.15 to 15.5.18 in /dev-packages/e2e-tests/test-applications/nextjs-15-intl (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20821\"\u003e#20821\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e10.53.0\u003c/h2\u003e\n\u003ch3\u003eImportant Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003efeat(core): Add \u003ccode\u003estreamGenAiSpans\u003c/code\u003e options to stream gen_ai spans (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20785\"\u003e#20785\u003c/a\u003e)\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eAdds a new \u003ccode\u003estreamGenAiSpans\u003c/code\u003e option that controls how \u003ccode\u003egen_ai\u003c/code\u003e spans are\nsent to Sentry. When set, the SDK extracts all \u003ccode\u003egen_ai\u003c/code\u003e spans out of a\ntransaction and sends them as v2 envelope items.\u003c/p\u003e\n\u003cp\u003eEnable this option if gen_ai spans are being dropped because the transaction payload exceeds size limits.\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003eSentry.init({\n  dsn: 'https://examplePublicKey@o0.ingest.sentry.io/0',\n  streamGenAiSpans: true,\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat(browser): Migrate browser profiling thread data to span attributes (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20800\"\u003e#20800\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(core): Add \u003ccode\u003eaddConsoleInstrumentationFilter\u003c/code\u003e utility (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20790\"\u003e#20790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(core): Add \u003ccode\u003eapplicationKey\u003c/code\u003e to \u003ccode\u003eBuildTimeOptionsBase\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20789\"\u003e#20789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(core): split exports by browser/server for bundle size (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20435\"\u003e#20435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(nextjs): Add top-level \u003ccode\u003eapplicationKey\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20794\"\u003e#20794\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(node): Support Node 26 (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20710\"\u003e#20710\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(profiling-node): Bump \u003ccode\u003e@sentry-internal/node-cpu-profiler\u003c/code\u003e to 2.4.0 (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20720\"\u003e#20720\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(cloudflare): avoid flush lock self-wait (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20719\"\u003e#20719\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(hono): Capture transaction name on request for correct culprit (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20801\"\u003e#20801\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mcp): retroactively wrap handlers registered before wrapMcpServerWithSentry (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20699\"\u003e#20699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(node-core): Guard against undefined util.getSystemErrorMap (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20660\"\u003e#20660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(replay): Capture aborted/errored fetch requests in replay network tab (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20722\"\u003e#20722\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/cd9740818cba748dbced0e8a1497000a88ec8a56\"\u003e\u003ccode\u003ecd97408\u003c/code\u003e\u003c/a\u003e release: 10.53.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/66cfb25117ed7b14ca3da20a79b836619e9c8a6c\"\u003e\u003ccode\u003e66cfb25\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/20838\"\u003e#20838\u003c/a\u003e from getsentry/prepare-release/10.53.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/df8fd3863043f143961a5d96e79a717d62eada31\"\u003e\u003ccode\u003edf8fd38\u003c/code\u003e\u003c/a\u003e meta(changelog): Update changelog for 10.53.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/588100986580e0f5c8c3204661e59e5103e7d269\"\u003e\u003ccode\u003e5881009\u003c/code\u003e\u003c/a\u003e fix(core): Include subpath type shims in published package (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/20835\"\u003e#20835\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/6a7d179ad38c7591021c88e4bd3ec82b3c6cc606\"\u003e\u003ccode\u003e6a7d179\u003c/code\u003e\u003c/a\u003e fix(core): Don't gate user data for streamed spans at scope read time (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/20827\"\u003e#20827\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/ad47c3c3de5b2bacfbbd08bcdf9cd90184ce64bc\"\u003e\u003ccode\u003ead47c3c\u003c/code\u003e\u003c/a\u003e ref(hono): Consolidate route patching and add clarification comments (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/20829\"\u003e#20829\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/28d6fe514d5ed00561a8e3d1c0406a8cb544c738\"\u003e\u003ccode\u003e28d6fe5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/20826\"\u003e#20826\u003c/a\u003e from getsentry/master\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/46aca45a868d717939448ded1001fac4337ac46e\"\u003e\u003ccode\u003e46aca45\u003c/code\u003e\u003c/a\u003e Merge branch 'release/10.53.0'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/b5cbc9ca1800e1b4ee1de66e135a90891cecd570\"\u003e\u003ccode\u003eb5cbc9c\u003c/code\u003e\u003c/a\u003e chore(deps): Bump next from 15.5.15 to 15.5.18 in /dev-packages/e2e-tests/tes...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/05489b83e7920fc4ce47a530054c5558c1704a45\"\u003e\u003ccode\u003e05489b8\u003c/code\u003e\u003c/a\u003e release: 10.53.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/getsentry/sentry-javascript/compare/10.27.0...10.53.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@supabase/supabase-js` from 2.81.1 to 2.106.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/supabase/supabase-js/releases\"\u003e@​supabase/supabase-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.106.2\u003c/h2\u003e\n\u003ch2\u003e2.106.2 (2026-05-25)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eauth:\u003c/strong\u003e restore signup user response (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2391\"\u003e#2391\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisc:\u003c/strong\u003e add react-native export condition for Hermes-safe resolution (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2393\"\u003e#2393\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMyroslav Hryhschenko \u003ca href=\"https://github.com/BLOCKMATERIAL\"\u003e\u003ccode\u003e@​BLOCKMATERIAL\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eVaibhav \u003ca href=\"https://github.com/7ttp\"\u003e\u003ccode\u003e@​7ttp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.106.2-canary.1\u003c/h2\u003e\n\u003ch2\u003e2.106.2-canary.1 (2026-05-22)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only, there were no code changes.\u003c/p\u003e\n\u003ch2\u003ev2.106.2-canary.0\u003c/h2\u003e\n\u003ch2\u003e2.106.2-canary.0 (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eauth:\u003c/strong\u003e restore signup user response (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2391\"\u003e#2391\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisc:\u003c/strong\u003e add react-native export condition for Hermes-safe resolution (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2393\"\u003e#2393\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMyroslav Hryhschenko \u003ca href=\"https://github.com/BLOCKMATERIAL\"\u003e\u003ccode\u003e@​BLOCKMATERIAL\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eVaibhav \u003ca href=\"https://github.com/7ttp\"\u003e\u003ccode\u003e@​7ttp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.106.2-beta.2\u003c/h2\u003e\n\u003ch2\u003e2.106.2-beta.2 (2026-05-22)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only, there were no code changes.\u003c/p\u003e\n\u003ch2\u003ev2.106.2-beta.0\u003c/h2\u003e\n\u003ch2\u003e2.106.2-beta.0 (2026-05-21)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only, there were no code changes.\u003c/p\u003e\n\u003ch2\u003ev2.106.1\u003c/h2\u003e\n\u003ch2\u003e2.106.1 (2026-05-20)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eauth:\u003c/strong\u003e encode client-id in oauth requests (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2383\"\u003e#2383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisc:\u003c/strong\u003e hide dynamic import from hermesc (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2381\"\u003e#2381\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/supabase/supabase-js/blob/master/packages/core/supabase-js/CHANGELOG.md\"\u003e@​supabase/supabase-js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.106.2 (2026-05-25)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003emisc:\u003c/strong\u003e add react-native export condition for Hermes-safe resolution (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2393\"\u003e#2393\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMyroslav Hryhschenko \u003ca href=\"https://github.com/BLOCKMATERIAL\"\u003e\u003ccode\u003e@​BLOCKMATERIAL\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.106.1 (2026-05-20)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003emisc:\u003c/strong\u003e hide dynamic import from hermesc (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2381\"\u003e#2381\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKaterina Skroumpelou \u003ca href=\"https://github.com/mandarini\"\u003e\u003ccode\u003e@​mandarini\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.106.0 (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esupabase:\u003c/strong\u003e W3C/OpenTelemetry trace context propagation (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2163\"\u003e#2163\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erelease:\u003c/strong\u003e mark \u003ccode\u003e@​supabase/tracing\u003c/code\u003e private and snapshot it for JSR (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2370\"\u003e#2370\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eClaude Sonnet 4.5\u003c/li\u003e\n\u003cli\u003eGuilherme Souza\u003c/li\u003e\n\u003cli\u003eKaterina Skroumpelou \u003ca href=\"https://github.com/mandarini\"\u003e\u003ccode\u003e@​mandarini\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.105.4 (2026-05-08)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for \u003ccode\u003e@​supabase/supabase-js\u003c/code\u003e to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003ch2\u003e2.105.2 (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eauth:\u003c/strong\u003e forward lockAcquireTimeout to SupabaseAuthClient (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2309\"\u003e#2309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisc:\u003c/strong\u003e widen enum-like unions with (string \u0026amp; {}) for forward compat (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2303\"\u003e#2303\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMuzzaiyyan Hussain \u003ca href=\"https://github.com/MuzzaiyyanHussain\"\u003e\u003ccode\u003e@​MuzzaiyyanHussain\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/a5f09cf9a0a8c2744464a8505333ab3136e3f290\"\u003e\u003ccode\u003ea5f09cf\u003c/code\u003e\u003c/a\u003e chore(repo): adopt pnpm catalog and clean up devDeps (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2389\"\u003e#2389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/c72cc5608764b8d15f58e6ce8cfc6867ebead1be\"\u003e\u003ccode\u003ec72cc56\u003c/code\u003e\u003c/a\u003e fix(misc): add react-native export condition for Hermes-safe resolution (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2393\"\u003e#2393\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/a7bdb236041d5a3061be856fd9e00b45d9b62f54\"\u003e\u003ccode\u003ea7bdb23\u003c/code\u003e\u003c/a\u003e docs(supabase): expand tracePropagation tsdoc with examples (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2388\"\u003e#2388\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/f4c149c70f0f2c4203edf47fb173cb135c59b2be\"\u003e\u003ccode\u003ef4c149c\u003c/code\u003e\u003c/a\u003e chore(release): version 2.106.1 changelogs (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2384\"\u003e#2384\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/3f9628af627804fbfb1a7fc7a2b5f929856a1b52\"\u003e\u003ccode\u003e3f9628a\u003c/code\u003e\u003c/a\u003e fix(misc): hide dynamic import from hermesc (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2381\"\u003e#2381\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/1761a621ebcd40f7bbbf4bb95d7bf4e256b250c0\"\u003e\u003ccode\u003e1761a62\u003c/code\u003e\u003c/a\u003e chore(release): version 2.106.0 changelogs (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2379\"\u003e#2379\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/1c48755657c5f7aac5e4a7abf3f68f27efc0c746\"\u003e\u003ccode\u003e1c48755\u003c/code\u003e\u003c/a\u003e chore(deps): cleanups and updates (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2371\"\u003e#2371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/9dfba1c3d98c2c41c60f940a211950dfd3924e01\"\u003e\u003ccode\u003e9dfba1c\u003c/code\u003e\u003c/a\u003e chore(repo): migrate to pnpm (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2368\"\u003e#2368\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/6731c4a900135ecbb14420bb3f3fe39196a0a9db\"\u003e\u003ccode\u003e6731c4a\u003c/code\u003e\u003c/a\u003e fix(release): mark \u003ccode\u003e@​supabase/tracing\u003c/code\u003e private and snapshot it for JSR (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2370\"\u003e#2370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/2fe1801fd5e9e03dd22308bcb98854429f634dd4\"\u003e\u003ccode\u003e2fe1801\u003c/code\u003e\u003c/a\u003e feat(supabase): W3C/OpenTelemetry trace context propagation (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2163\"\u003e#2163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/supabase/supabase-js/commits/v2.106.2/packages/core/supabase-js\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tanstack/react-query` from 5.90.10 to 5.100.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TanStack/query/releases\"\u003e@​tanstack/react-query's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/ed20b6d7541c908033acfcad92b0cd112930d1c3\"\u003e\u003ccode\u003eed20b6d\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-next-experimental\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/ed20b6d7541c908033acfcad92b0cd112930d1c3\"\u003e\u003ccode\u003eed20b6d\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-persist-client\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/ed20b6d7541c908033acfcad92b0cd112930d1c3\"\u003e\u003ccode\u003eed20b6d\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-persist-client-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix(react-query): do not go into optimistic fetching state when not subscribed (\u003ca href=\"https://redirect.github.com/TanStack/query/pull/10759\"\u003e#10759\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies []:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-next-experimental\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-persist-client\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-persist-client-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TanStack/query/blob/main/packages/react-query/CHANGELOG.md\"\u003e@​tanstack/react-query's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix(react-query): do not go into optimistic fetching state when not subscribed (\u003ca href=\"https://redirect.github.com/TanStack/query/pull/10759\"\u003e#10759\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies []:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.13\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/d423168f6261a5cb3d353e53b27c8150cc271151\"\u003e\u003ccode\u003ed423168\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.12\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.12\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.11\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.11\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.10\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.10\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.9\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/fcee7bdc429385ae8ffa224fa8a7a9ec7b8ee380\"\u003e\u003ccode\u003efcee7bd\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.9\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.8\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.8\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/ba6e7beebd50143408f01fcf5d9aee2ec1486f60\"\u003e\u003ccode\u003eba6e7be\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10767\"\u003e#10767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/ed20b6d7541c908033acfcad92b0cd112930d1c3\"\u003e\u003ccode\u003eed20b6d\u003c/code\u003e\u003c/a\u003e fix(react): do not go into optimistic fetching state when not subscribed (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/05cf2bc0a4eae64959dc8a40152e2878190c971b\"\u003e\u003ccode\u003e05cf2bc\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10758\"\u003e#10758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/d423168f6261a5cb3d353e53b27c8150cc271151\"\u003e\u003ccode\u003ed423168\u003c/code\u003e\u003c/a\u003e fix(query-core): use built-in NoInfer for generic indexed-access types (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10593\"\u003e#10593\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/5ff4f6936bb66a64267eb4413430f956eecf7248\"\u003e\u003ccode\u003e5ff4f69\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10755\"\u003e#10755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/3e85350749751eef055fffb65f6838dfafa74891\"\u003e\u003ccode\u003e3e85350\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10706\"\u003e#10706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/9d2692cec4d538c2f96489027ba546f11638dfb1\"\u003e\u003ccode\u003e9d2692c\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10695\"\u003e#10695\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/74fa05eb1b16f40ea7068afd0e5e082687d22338\"\u003e\u003ccode\u003e74fa05e\u003c/code\u003e\u003c/a\u003e chore(tsconfig.json): narrow 'include' pattern to prevent TS6053 race conditi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/8c3d523d0ab0b3f8fad28fbaae6807e7aca7eb54\"\u003e\u003ccode\u003e8c3d523\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10630\"\u003e#10630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/9800c8f1a3f7907956410c23426a26d981e7d694\"\u003e\u003ccode\u003e9800c8f\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10623\"\u003e#10623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/TanStack/query/commits/@tanstack/react-query@5.100.14/packages/react-query\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​tanstack/react-query\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@trpc/client` from 11.7.1 to 11.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/trpc/trpc/releases\"\u003e@​trpc/client's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev11.17.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): bump next from 15.5.10 to 15.5.14 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7268\"\u003etrpc/trpc#7268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Review stale skills (v11.16.0) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7295\"\u003etrpc/trpc#7295\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(server): unwrap error from cause for streaming onError by \u003ca href=\"https://github.com/zirkelc\"\u003e\u003ccode\u003e@​zirkelc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7286\"\u003etrpc/trpc#7286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Add cache checks for openapi router fixtures by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7296\"\u003etrpc/trpc#7296\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Update Hey API for new type imports by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7298\"\u003etrpc/trpc#7298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Add oasdiff docs to openapi by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7299\"\u003etrpc/trpc#7299\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Add subscription inferrence helpers by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7303\"\u003etrpc/trpc#7303\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(www): Add accessible text to links without discernible text by \u003ca href=\"https://github.com/cyphercodes\"\u003e\u003ccode\u003e@​cyphercodes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7302\"\u003etrpc/trpc#7302\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency \u003ccode\u003e@​tanstack/intent\u003c/code\u003e to ^0.0.27 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7309\"\u003etrpc/trpc#7309\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency srvx to v0.11.14 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7310\"\u003etrpc/trpc#7310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency \u003ccode\u003e@​oxc-project/runtime\u003c/code\u003e to v0.123.0 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7311\"\u003etrpc/trpc#7311\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency \u003ccode\u003e@​clack/prompts\u003c/code\u003e to v1.2.0 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7312\"\u003etrpc/trpc#7312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump fastify from 5.8.1 to 5.8.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7288\"\u003etrpc/trpc#7288\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update codecov/codecov-action action to v6 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7313\"\u003etrpc/trpc#7313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency eslint-plugin-unicorn to v64 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7314\"\u003etrpc/trpc#7314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency undici to v8 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7316\"\u003etrpc/trpc#7316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(monorepo): remove versions from private workspaces by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7306\"\u003etrpc/trpc#7306\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(server): handle React 19 proxy coercion in createInnerProxy by \u003ca href=\"https://github.com/DORI2001\"\u003e\u003ccode\u003e@​DORI2001\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7336\"\u003etrpc/trpc#7336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add trpc-studio to awesome-trpc extensions by \u003ca href=\"https://github.com/sayefdeen\"\u003e\u003ccode\u003e@​sayefdeen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7340\"\u003etrpc/trpc#7340\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade pnpm to 10.33.1 by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7350\"\u003etrpc/trpc#7350\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: upgrade drizzle in next-sse-chat example by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7351\"\u003etrpc/trpc#7351\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(www): Add Legora to website logos by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7358\"\u003etrpc/trpc#7358\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cyphercodes\"\u003e\u003ccode\u003e@​cyphercodes\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7302\"\u003etrpc/trpc#7302\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DORI2001\"\u003e\u003ccode\u003e@​DORI2001\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7336\"\u003etrpc/trpc#7336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sayefdeen\"\u003e\u003ccode\u003e@​sayefdeen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7340\"\u003etrpc/trpc#7340\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trpc/trpc/compare/v11.16.0...v11.17.0\"\u003ehttps://github.com/trpc/trpc/compare/v11.16.0...v11.17.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: OpenAPI Cyclic Types support by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7283\"\u003etrpc/trpc#7283\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Review stale skills (manual) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7294\"\u003etrpc/trpc#7294\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003e@trpc/openapi\u003c/code\u003e 11.16.0-alpha\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDrops the type depth limit of 20, and significantly hardens cyclic-type support for both inference and Zod\u003c/li\u003e\n\u003cli\u003eSupport zod.lazy via Standard Schema fallback\u003c/li\u003e\n\u003cli\u003eStrip symbols from output (no more \u003ccode\u003e__@asyncIterator@5456\u003c/code\u003e symbols in output)\u003c/li\u003e\n\u003cli\u003eAdd more comprehensive types for the OpenAPI doc from the official package (now a dependency) and apply some patches to these types because they're slightly outdated\u003c/li\u003e\n\u003cli\u003eFixes several issues with gathering schema descriptions, such as consuming jsdoc comments from node_modules types\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7294\"\u003etrpc/trpc#7294\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trpc/trpc/compare/v11.15.1...v11.16.0\"\u003ehttps://github.com/trpc/trpc/compare/v11.15.1...v11.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/23c723cfeaf07da28a52a5c35c3dcccf96a47578\"\u003e\u003ccode\u003e23c723c\u003c/code\u003e\u003c/a\u003e v11.17.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/cb17317f15654ee7bce1d34f737fee64a8babb43\"\u003e\u003ccode\u003ecb17317\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency undici to v8 (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/client/issues/7316\"\u003e#7316\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/48c51585463c03c95db9d0ea97447c4ca6c68134\"\u003e\u003ccode\u003e48c5158\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​tanstack/intent\u003c/code\u003e to ^0.0.27 (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/client/issues/7309\"\u003e#7309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/59f2cdb3c58310733b06d3b2e16c94065fe0a9c3\"\u003e\u003ccode\u003e59f2cdb\u003c/code\u003e\u003c/a\u003e chore: Review stale skills (v11.16.0) (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/client/issues/7295\"\u003e#7295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/2713275631db358f17f2fec71a7f7e04b3db4add\"\u003e\u003ccode\u003e2713275\u003c/code\u003e\u003c/a\u003e v11.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/85b0ab89850167ae14ec5376044e2ac2a051c1d8\"\u003e\u003ccode\u003e85b0ab8\u003c/code\u003e\u003c/a\u003e v11.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/c4b1d7458ec869f6c51469f7fcd84b517d53ffae\"\u003e\u003ccode\u003ec4b1d74\u003c/code\u003e\u003c/a\u003e chore: Review stale skills (manual) (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/client/issues/7294\"\u003e#7294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/88b02b81d16d4046a709508799a905ac7bf9ce8b\"\u003e\u003ccode\u003e88b02b8\u003c/code\u003e\u003c/a\u003e v11.15.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/25b97f51ee4ee57da0da3c63cf54a50c6c8627d5\"\u003e\u003ccode\u003e25b97f5\u003c/code\u003e\u003c/a\u003e v11.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/88f9f622edeb213a1ec565dcf908ab92b9a983d6\"\u003e\u003ccode\u003e88f9f62\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​tanstack/intent\u003c/code\u003e to ^0.0.23 (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/client/issues/7274\"\u003e#7274\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/trpc/trpc/commits/v11.17.0/packages/client\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​trpc/client\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@trpc/react-query` from 11.7.1 to 11.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/trpc/trpc/releases\"\u003e@​trpc/react-query's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev11.17.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): bump next from 15.5.10 to 15.5.14 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7268\"\u003etrpc/trpc#7268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Review stale skills (v11.16.0) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7295\"\u003etrpc/trpc#7295\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(server): unwrap error from cause for streaming onError by \u003ca href=\"https://github.com/zirkelc\"\u003e\u003ccode\u003e@​zirkelc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7286\"\u003etrpc/trpc#7286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Add cache checks for openapi router fixtures by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7296\"\u003etrpc/trpc#7296\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Update Hey API for new type imports by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7298\"\u003etrpc/trpc#7298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Add oasdiff docs to openapi by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7299\"\u003etrpc/trpc#7299\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Add subscription inferrence helpers by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7303\"\u003etrpc/trpc#7303\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(www): Add accessible text to links without discernible text by \u003ca href=\"https://github.com/cyphercodes\"\u003e\u003ccode\u003e@​cyphercodes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7302\"\u003etrpc/trpc#7302\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency \u003ccode\u003e@​tanstack/intent\u003c/code\u003e to ^0.0.27 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7309\"\u003etrpc/trpc#7309\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency srvx to v0.11.14 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7310\"\u003etrpc/trpc#7310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency \u003ccode\u003e@​oxc-project/runtime\u003c/code\u003e to v0.123.0 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7311\"\u003etrpc/trpc#7311\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency \u003ccode\u003e@​clack/prompts\u003c/code\u003e to v1.2.0 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7312\"\u003etrpc/trpc#7312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump fastify from 5.8.1 to 5.8.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7288\"\u003etrpc/trpc#7288\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update codecov/codecov-action action to v6 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7313\"\u003etrpc/trpc#7313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency eslint-plugin-unicorn to v64 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7314\"\u003etrpc/trpc#7314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency undici to v8 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7316\"\u003etrpc/trpc#7316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(monorepo): remove versions from private workspaces by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7306\"\u003etrpc/trpc#7306\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(server): handle React 19 proxy coercion in createInnerProxy by \u003ca href=\"https://github.com/DORI2001\"\u003e\u003ccode\u003e@​DORI2001\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7336\"\u003etrpc/trpc#7336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add trpc-studio to awesome-trpc extensions by \u003ca href=\"https://github.com/sayefdeen\"\u003e\u003ccode\u003e@​sayefdeen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7340\"\u003etrpc/trpc#7340\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade pnpm to 10.33.1 by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7350\"\u003etrpc/trpc#7350\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: upgrade drizzle in next-sse-chat example by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7351\"\u003etrpc/trpc#7351\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(www): Add Legora to website logos by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7358\"\u003etrpc/trpc#7358\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cyphercodes\"\u003e\u003ccode\u003e@​cyphercodes\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7302\"\u003etrpc/trpc#7302\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DORI2001\"\u003e\u003ccode\u003e@​DORI2001\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7336\"\u003etrpc/trpc#7336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sayefdeen\"\u003e\u003ccode\u003e@​sayefdeen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7340\"\u003etrpc/trpc#7340\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trpc/trpc/compare/v11.16.0...v11.17.0\"\u003ehttps://github.com/trpc/trpc/compare/v11.16.0...v11.17.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: OpenAPI Cyclic Types support by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7283\"\u003etrpc/trpc#7283\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Review stale skills (manual) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7294\"\u003etrpc/trpc#7294\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003e@trpc/openapi\u003c/code\u003e 11.16.0-alpha\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDrops the type depth limit of 20, and significantly hardens cyclic-type support for both inference and Zod\u003c/li\u003e\n\u003cli\u003eSupport zod.lazy via Standard Schema fallback\u003c/li\u003e\n\u003cli\u003eStrip symbols from output (no more \u003ccode\u003e__@asyncIterator@5456\u003c/code\u003e symbols in output)\u003c/li\u003e\n\u003cli\u003eAdd more comprehensive types for the OpenAPI doc from the official package (now a dependency) and apply some patches to these types because they're slightly outdated\u003c/li\u003e\n\u003cli\u003eFixes several issues with gathering schema descriptions, such as consuming jsdoc comments from node_modules types\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7294\"\u003etrpc/trpc#7294\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trpc/trpc/compare/v11.15.1...v11.16.0\"\u003ehttps://github.com/trpc/trpc/compare/v11.15.1...v11.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/trpc/trpc/commits/v11.17.0/packages/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​trpc/react-query\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@trpc/server` from 11.12.0 to 11.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/trpc/trpc/releases\"\u003e@​trpc/server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev11.17.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): bump next from 15.5.10 to 15.5.14 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7268\"\u003etrpc/trpc#7268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Review stale skills (v11.16.0) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7295\"\u003etrpc/trpc#7295\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(server): unwrap error from cause for streaming onError by \u003ca href=\"https://github.com/zirkelc\"\u003e\u003ccode\u003e@​zirkelc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7286\"\u003etrpc/trpc#7286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Add cache checks for openapi router fixtures by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7296\"\u003etrpc/trpc#7296\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Update Hey API for new type imports by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7298\"\u003etrpc/trpc#7298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Add oasdiff docs to openapi by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7299\"\u003etrpc/trpc#7299\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Add subscription inferrence helpers by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7303\"\u003etrpc/trpc#7303\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(www): Add accessible text to links without discernible text by \u003ca href=\"https://github.com/cyphercodes\"\u003e\u003ccode\u003e@​cyphercodes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7302\"\u003etrpc/trpc#7302\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency \u003ccode\u003e@​tanstack/intent\u003c/code\u003e to ^0.0.27 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7309\"\u003etrpc/trpc#7309\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency srvx to v0.11.14 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7310\"\u003etrpc/trpc#7310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency \u003ccode\u003e@​oxc-project/runtime\u003c/code\u003e to v0.123.0 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7311\"\u003etrpc/trpc#7311\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency \u003ccode\u003e@​clack/prompts\u003c/code\u003e to v1.2.0 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7312\"\u003etrpc/trpc#7312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump fastify from 5.8.1 to 5.8.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7288\"\u003etrpc/trpc#7288\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update codecov/codecov-action action to v6 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7313\"\u003etrpc/trpc#7313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency eslint-plugin-unicorn to v64 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7314\"\u003etrpc/trpc#7314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency undici to v8 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7316\"\u003etrpc/trpc#7316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(monorepo): remove versions from private workspaces by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7306\"\u003etrpc/trpc#7306\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(server): handle React 19 proxy coercion in createInnerProxy by \u003ca href=\"https://github.com/DORI2001\"\u003e\u003ccode\u003e@​DORI2001\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7336\"\u003etrpc/trpc#7336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add trpc-studio to awesome-trpc extensions by \u003ca href=\"https://github.com/sayefdeen\"\u003e\u003ccode\u003e@​sayefdeen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7340\"\u003etrpc/trpc#7340\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade pnpm to 10.33.1 by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7350\"\u003etrpc/trpc#7350\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: upgrade drizzle in next-sse-chat example by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7351\"\u003etrpc/trpc#7351\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(www): Add Legora to website logos by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7358\"\u003etrpc/trpc#7358\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cyphercodes\"\u003e\u003ccode\u003e@​cyphercodes\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7302\"\u003etrpc/trpc#7302\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DORI2001\"\u003e\u003ccode\u003e@​DORI2001\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7336\"\u003etrpc/trpc#7336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sayefdeen\"\u003e\u003ccode\u003e@​sayefdeen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7340\"\u003etrpc/trpc#7340\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trpc/trpc/compare/v11.16.0...v11.17.0\"\u003ehttps://github.com/trpc/trpc/compare/v11.16.0...v11.17.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: OpenAPI Cyclic Types support by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7283\"\u003etrpc/trpc#7283\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Review stale skills (manual) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7294\"\u003etrpc/trpc#7294\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003e@trpc/openapi\u003c/code\u003e 11.16.0-alpha\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDrops the type depth limit of 20, and significantly hardens cyclic-type support for both inference and Zod\u003c/li\u003e\n\u003cli\u003eSupport zod.lazy via Standard Schema fallback\u003c/li\u003e\n\u003cli\u003eStrip symbols from output (no more \u003ccode\u003e__@asyncIterator@5456\u003c/code\u003e symbols in output)\u003c/li\u003e\n\u003cli\u003eAdd more comprehensive types for the OpenAPI doc from the official package (now a dependency) and apply some patches to these types because they're slightly outdated\u003c/li\u003e\n\u003cli\u003eFixes several issues with gathering schema descriptions, such as consuming jsdoc comments from node_modules types\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7294\"\u003etrpc/trpc#7294\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trpc/trpc/compare/v11.15.1...v11.16.0\"\u003ehttps://github.com/trpc/trpc/compare/v11.15.1...v11.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/23c723cfeaf07da28a52a5c35c3dcccf96a47578\"\u003e\u003ccode\u003e23c723c\u003c/code\u003e\u003c/a\u003e v11.17.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/2c5b6a8c6366c005508c0f481ad3ae344653a6f8\"\u003e\u003ccode\u003e2c5b6a8\u003c/code\u003e\u003c/a\u003e fix(server): handle React 19 proxy coercion in createInnerProxy (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/server/issues/7336\"\u003e#7336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/7ba14fdb6c351d93747bc883c5c61af22702aadb\"\u003e\u003ccode\u003e7ba14fd\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​oxc-project/runtime\u003c/code\u003e to v0.123.0 (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/server/issues/7311\"\u003e#7311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/48c51585463c03c95db9d0ea97447c4ca6c68134\"\u003e\u003ccode\u003e48c5158\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​tanstack/intent\u003c/code\u003e to ^0.0.27 (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/server/issues/7309\"\u003e#7309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/d3c4051f03d0ca1f31177cadc10adff21c9048b8\"\u003e\u003ccode\u003ed3c4051\u003c/code\u003e\u003c/a\u003e feat: Add subscription inferrence helpers (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/server/issues/7303\"\u003e#7303\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/2b8a4f826d3b22829343cebd9b23e163dfeecd09\"\u003e\u003ccode\u003e2b8a4f8\u003c/code\u003e\u003c/a\u003e fix(server): unwrap error from cause for streaming onError (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/server/issues/7286\"\u003e#7286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/59f2cdb3c58310733b06d3b2e16c94065fe0a9c3\"\u003e\u003ccode\u003e59f2cdb\u003c/code\u003e\u003c/a\u003e chore: Review stale skills (v11.16.0) (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/server/issues/7295\"\u003e#7295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/2713275631db358f17f2fec71a7f7e04b3db4add\"\u003e\u003ccode\u003e2713275\u003c/code\u003e\u003c/a\u003e v11.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/85b0ab89850167ae14ec5376044e2ac2a051c1d8\"\u003e\u003ccode\u003e85b0ab8\u003c/code\u003e\u003c/a\u003e v11.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/c4b1d7458ec869f6c51469f7fcd84b517d53ffae\"\u003e\u003ccode\u003ec4b1d74\u003c/code\u003e\u003c/a\u003e chore: Review stale skills (manual) (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/server/issues/7294\"\u003e#7294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/trpc/trpc/commits/v11.17.0/packages/server\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.6 to 1.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca h...\n\n_Description has been truncated_","html_url":"https://github.com/Dianasmith6525/amerilendloan2/pull/21","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Dianasmith6525%2Famerilendloan2/issues/21","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/21/packages"},{"uuid":"4506154405","node_id":"PR_kwDODiUv5M7ehbXL","number":17,"state":"closed","title":"Bump cookie and express","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-22T23:56:13.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-22T23:51:55.000Z","updated_at":"2026-05-22T23:56:15.000Z","time_to_close":258,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"cookie","repository_url":"https://github.com/jshttp/cookie","old_version":"0.4.0","new_version":"0.7.2"},{"name":"express","repository_url":"https://github.com/expressjs/express","old_version":"4.17.1","new_version":"4.22.2"}],"path":null,"ecosystem":"npm"},"body":"Bumps [cookie](https://github.com/jshttp/cookie) to 0.7.2 and updates ancestor dependency [express](https://github.com/expressjs/express). These dependencies need to be updated together.\n\nUpdates `cookie` from 0.4.0 to 0.7.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)  bc38ffd\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eAlthough not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd fast path for \u003ccode\u003eserialize\u003c/code\u003e without options, use \u003ccode\u003eobj.hasOwnProperty\u003c/code\u003e when parsing (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eperf: parse cookies ~10% faster (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e by \u003ca href=\"https://github.com/kurtextrem\"\u003e\u003ccode\u003e@​kurtextrem\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: narrow the validation of cookies to match RFC6265 (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/167\"\u003e#167\u003c/a\u003e by \u003ca href=\"https://github.com/bewinsnw\"\u003e\u003ccode\u003e@​bewinsnw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: add \u003ccode\u003emain\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e for rspack (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/166\"\u003e#166\u003c/a\u003e by \u003ca href=\"https://github.com/proudparrot2\"\u003e\u003ccode\u003e@​proudparrot2\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\"\u003ehttps://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003epartitioned\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003epriority\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eexpires\u003c/code\u003e option to reject invalid dates\u003c/li\u003e\n\u003cli\u003epref: improve default decode speed\u003c/li\u003e\n\u003cli\u003epref: remove slow string split in parse\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.4.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epref: read value only when assigning in parse\u003c/li\u003e\n\u003cli\u003epref: remove unnecessary regexp in parse\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.4.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003emaxAge\u003c/code\u003e option to reject invalid values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/d19eaa1a2bb9ca43ac0951edd852ba4e88e410e0\"\u003e\u003ccode\u003ed19eaa1\u003c/code\u003e\u003c/a\u003e 0.7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/bc38ffd0eae716b199236dda061d0bdc74192dd3\"\u003e\u003ccode\u003ebc38ffd\u003c/code\u003e\u003c/a\u003e Fix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/cf4658f492c5bd96aeaf5693c3500f8495031014\"\u003e\u003ccode\u003ecf4658f\u003c/code\u003e\u003c/a\u003e 0.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6a8b8f5a49af7897b98ebfb29a1c4955afa3d33e\"\u003e\u003ccode\u003e6a8b8f5\u003c/code\u003e\u003c/a\u003e Allow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/58015c0b93de0b63db245cfdc5a108e511a81ad0\"\u003e\u003ccode\u003e58015c0\u003c/code\u003e\u003c/a\u003e Remove more code and perf wins (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/ab057d6c06b94a7b1e3358e69a685ae49c97b627\"\u003e\u003ccode\u003eab057d6\u003c/code\u003e\u003c/a\u003e 0.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/5f02ca87688481dbcf155e49ca8b61732f30e542\"\u003e\u003ccode\u003e5f02ca8\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/a5d591ce8447dd63821779724f96ad3c774c8579\"\u003e\u003ccode\u003ea5d591c\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/51968f94b5e820adeceef505539fa193ffe2d105\"\u003e\u003ccode\u003e51968f9\u003c/code\u003e\u003c/a\u003e Skip isNaN\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e7ca51ade4b325307eedd6b4dec190983e9e2cc\"\u003e\u003ccode\u003e9e7ca51\u003c/code\u003e\u003c/a\u003e perf(parse): cache length, return early (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.4.0...v0.7.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.1 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.17.1...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Kibrands/musicApiRest/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Kibrands/musicApiRest/pull/17","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kibrands%2FmusicApiRest/issues/17","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/17/packages"},{"uuid":"4505979258","node_id":"PR_kwDORZ8qPc7eg4i8","number":144,"state":"open","title":"chore(deps): bump cookie and @auth/core","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":6,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-22T22:49:01.000Z","updated_at":"2026-05-22T22:49:47.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"cookie","repository_url":"https://github.com/jshttp/cookie","old_version":null,"new_version":null,"is_removal":true},{"name":"@auth/core","repository_url":"https://github.com/nextauthjs/next-auth","old_version":"0.34.3","new_version":"0.41.2"}],"path":null,"ecosystem":"npm"},"body":"Removes [cookie](https://github.com/jshttp/cookie). It's no longer used after updating ancestor dependency [@auth/core](https://github.com/nextauthjs/next-auth). These dependencies need to be updated together.\n\nRemoves `cookie`\n\nUpdates `@auth/core` from 0.34.3 to 0.41.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nextauthjs/next-auth/releases\"\u003e@​auth/core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​auth/core\u003c/code\u003e\u003ca href=\"https://github.com/0\"\u003e\u003ccode\u003e@​0\u003c/code\u003e\u003c/a\u003e.41.2\u003c/h2\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eproviders\u003c/strong\u003e: add issuer to GitHub provider for RFC 9207 compliance (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13410\"\u003e#13410\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esync package versions with npm registry (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13414\"\u003e#13414\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​auth/core\u003c/code\u003e\u003ca href=\"https://github.com/0\"\u003e\u003ccode\u003e@​0\u003c/code\u003e\u003c/a\u003e.41.1\u003c/h2\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esecurity issue from \u003ccode\u003enodemailer\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13305\"\u003e#13305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eupdate links for Credentials-based Authentication (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13258\"\u003e#13258\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​auth/core\u003c/code\u003e\u003ca href=\"https://github.com/0\"\u003e\u003ccode\u003e@​0\u003c/code\u003e\u003c/a\u003e.41.0\u003c/h2\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eproviders\u003c/strong\u003e: support custom baseURL for Gitlab (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13260\"\u003e#13260\u003c/a\u003e) (745751e9)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix build\u003c/li\u003e\n\u003cli\u003eadjust default fusionauth provider details (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/10868\"\u003e#10868\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/af9daa82a56952e601691a0c57f7e4740c5f2f58\"\u003e\u003ccode\u003eaf9daa8\u003c/code\u003e\u003c/a\u003e chore(release): bump package version(s) [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/d4dab3dd94f0f726a0db094b1ce0cf2231c98bcf\"\u003e\u003ccode\u003ed4dab3d\u003c/code\u003e\u003c/a\u003e chore: sync package versions with npm registry (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13414\"\u003e#13414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/8a23c5b27001fa05034c136fe3cbf8ee5199324b\"\u003e\u003ccode\u003e8a23c5b\u003c/code\u003e\u003c/a\u003e chore: fix lockfile (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13411\"\u003e#13411\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/2018202b9f9cf850c3c755393174125251f744ff\"\u003e\u003ccode\u003e2018202\u003c/code\u003e\u003c/a\u003e docs: fix TypeScript type mismatch in refresh token rotation example (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13396\"\u003e#13396\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/0eba7e442f10713873b418ed3433121f241e7456\"\u003e\u003ccode\u003e0eba7e4\u003c/code\u003e\u003c/a\u003e adapter-kysely: Update kysely for CVE-2026-33468 (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13407\"\u003e#13407\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/67f2b168d5e4dfbcec421ec42246fae786f71e52\"\u003e\u003ccode\u003e67f2b16\u003c/code\u003e\u003c/a\u003e fix(providers): add issuer to GitHub provider for RFC 9207 compliance (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13410\"\u003e#13410\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/f4570683676039dfa4e47e3fd69224d74dc7f6ca\"\u003e\u003ccode\u003ef457068\u003c/code\u003e\u003c/a\u003e docs: update middleware.ts references to proxy.ts for Next.js 16 (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13373\"\u003e#13373\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/c7c2cfa5780c72ee4adf6d93d830ef7ea8d252c5\"\u003e\u003ccode\u003ec7c2cfa\u003c/code\u003e\u003c/a\u003e docs: update Better Auth migration guide (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13334\"\u003e#13334\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/b4ef14ab51d26d5c9aaac757ef2155a100bc21da\"\u003e\u003ccode\u003eb4ef14a\u003c/code\u003e\u003c/a\u003e chore(release): bump version [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/2824fa1174a666df03cdee702584941b797c9404\"\u003e\u003ccode\u003e2824fa1\u003c/code\u003e\u003c/a\u003e feat: add next 16 support (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13298\"\u003e#13298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nextauthjs/next-auth/compare/@auth/core@0.34.3...@auth/core@0.41.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~better-gustavo\"\u003ebetter-gustavo\u003c/a\u003e, a new releaser for \u003ccode\u003e@​auth/core\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/undone0603/authichain-unified/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/undone0603/authichain-unified/pull/144","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/undone0603%2Fauthichain-unified/issues/144","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/144/packages"},{"uuid":"4499913173","node_id":"PR_kwDOPXTbT87eNNb5","number":82,"state":"open","title":"chore(deps): bump cookie from 0.6.0 to 1.1.1","user":"dependabot[bot]","labels":["dependencies","configuration"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-22T04:50:02.000Z","updated_at":"2026-05-22T04:50:10.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"cookie","old_version":"0.6.0","new_version":"1.1.1","repository_url":"https://github.com/jshttp/cookie"}],"path":null,"ecosystem":"npm"},"body":"Bumps [cookie](https://github.com/jshttp/cookie) from 0.6.0 to 1.1.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOverwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)  c66147c\n\u003cul\u003e\n\u003cli\u003eWhen \u003ccode\u003evalue\u003c/code\u003e was provided in \u003ccode\u003eserialize(key, value, { value })\u003c/code\u003e the value in \u003ccode\u003eoptions\u003c/code\u003e was used instead of the value passed as an argument\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003estringifyCookie\u003c/code\u003e and \u003ccode\u003eparseSetCookie\u003c/code\u003e methods (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/214\"\u003e#214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename existing methods for clarity (old method names remain for backward compatibility)\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eparse\u003c/code\u003e → \u003ccode\u003eparseCookie\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eserialize\u003c/code\u003e → \u003ccode\u003estringifySetCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)  00b0327\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLoosen cookie name/value validation (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: \u003ccode\u003eoptions.priority\u003c/code\u003e used incorrect fallback (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/207\"\u003e#207\u003c/a\u003e) by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd import example to README (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/190\"\u003e#190\u003c/a\u003e) by \u003ca href=\"https://github.com/isnifer\"\u003e\u003ccode\u003e@​isnifer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow case insensitive options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/194\"\u003e#194\u003c/a\u003e)  3bed080\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse modern JS features, ship TypeScript definition (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/175\"\u003e#175\u003c/a\u003e)  1cc64ff\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003e__esModule\u003c/code\u003e marker, imports need to use \u003ccode\u003eimport { parse, serialize }\u003c/code\u003e or \u003ccode\u003eimport * as cookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eMinimum node.js v18\u003c/li\u003e\n\u003cli\u003eUses null prototype object for \u003ccode\u003eparse\u003c/code\u003e return value\u003c/li\u003e\n\u003cli\u003eChanges \u003ccode\u003estrict\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e to match the lower case strings (i.e. \u003ccode\u003elow\u003c/code\u003e, not \u003ccode\u003eLOW\u003c/code\u003e or \u003ccode\u003eLow\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/1b89eec4e33256ac31962f4c0d6e711fff478803\"\u003e\u003ccode\u003e1b89eec\u003c/code\u003e\u003c/a\u003e 1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/c66147c053c74b256287aa7c0a4e63082d786fb2\"\u003e\u003ccode\u003ec66147c\u003c/code\u003e\u003c/a\u003e Overwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/09cec9fd32aa777ddbf51a115c53f30728eccfbc\"\u003e\u003ccode\u003e09cec9f\u003c/code\u003e\u003c/a\u003e 1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/05ebd34fd5a1cdad950f68fc7429cade7dfd6997\"\u003e\u003ccode\u003e05ebd34\u003c/code\u003e\u003c/a\u003e Add tests for parsing top sites (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6214eaf968d60681f3f7fe76797270332c3569c9\"\u003e\u003ccode\u003e6214eaf\u003c/code\u003e\u003c/a\u003e Add benchmark for \u003ccode\u003eparseSetCookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/247\"\u003e#247\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/71798d72650df42288f74e5ab49b65ec44df74fe\"\u003e\u003ccode\u003e71798d7\u003c/code\u003e\u003c/a\u003e Fix skip over of boolean attributes (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e41cf10c88b45893141f2ee2dc98b23bdb57f24\"\u003e\u003ccode\u003e9e41cf1\u003c/code\u003e\u003c/a\u003e build(deps): bump the npm_and_yarn group across 1 directory with 4 updates (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6fea50679a97f65b5d6e3d291b2dad5816fcfddc\"\u003e\u003ccode\u003e6fea506\u003c/code\u003e\u003c/a\u003e Add parse method for \u003ccode\u003eset-cookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/00b032721c4dc9aeb7d3814ce790eadb4ebde59b\"\u003e\u003ccode\u003e00b0327\u003c/code\u003e\u003c/a\u003e Add side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/94586de038f16960cd5eb91ee499313734b02ab7\"\u003e\u003ccode\u003e94586de\u003c/code\u003e\u003c/a\u003e feat: remove dependabot from repo (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/242\"\u003e#242\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cookie\u0026package-manager=npm_and_yarn\u0026previous-version=0.6.0\u0026new-version=1.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Tomdrouv1/coherent.js/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Tomdrouv1/coherent.js/pull/82","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tomdrouv1%2Fcoherent.js/issues/82","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/82/packages"},{"uuid":"4499846797","node_id":"PR_kwDOSQyLJc7eM_8V","number":6,"state":"open","title":"build(deps): bump the npm_and_yarn group across 1 directory with 3 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-22T04:35:17.000Z","updated_at":"2026-05-22T04:35:56.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"npm_and_yarn","update_count":3,"packages":[{"name":"next","old_version":"15.0.3","new_version":"15.5.18","repository_url":"https://github.com/vercel/next.js"},{"name":"postcss","old_version":"8.4.35","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"cookie","old_version":"0.5.0","new_version":"1.1.1","repository_url":"https://github.com/jshttp/cookie"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 3 updates in the / directory: [next](https://github.com/vercel/next.js), [postcss](https://github.com/postcss/postcss) and [cookie](https://github.com/jshttp/cookie).\n\nUpdates `next` from 15.0.3 to 15.5.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.18\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.16\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.15\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23869\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23869\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev15.5.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9ff92cebcaa6ba4e7463b6fd037a8510ba9b81ec\"\u003e\u003ccode\u003e9ff92ce\u003c/code\u003e\u003c/a\u003e v15.5.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/00ebe23562bd7eb32dd78730984bfadb47138bcf\"\u003e\u003ccode\u003e00ebe23\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/62c97ab0b5825e2cbc15f6b682d8286a8dd6a038\"\u003e\u003ccode\u003e62c97ab\u003c/code\u003e\u003c/a\u003e v15.5.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/423623ae38c106273085b66946ee5bf9aab77f2c\"\u003e\u003ccode\u003e423623a\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/fa787399b38d9aa702118f9bd23a8315b9f0ecc6\"\u003e\u003ccode\u003efa78739\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36e62c6eb7813e42d409eb487f93b829f4ad77e8\"\u003e\u003ccode\u003e36e62c6\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93588\"\u003e#93588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36589b5db512b7704cdadd873cbe49b6dbcc9261\"\u003e\u003ccode\u003e36589b5\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93596\"\u003e#93596\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ad6fd4e50e5aba20b60d283c42b89273a3167ccd\"\u003e\u003ccode\u003ead6fd4e\u003c/code\u003e\u003c/a\u003e v15.5.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/79d7dff1448483f0c8f187f98887b31019f6e494\"\u003e\u003ccode\u003e79d7dff\u003c/code\u003e\u003c/a\u003e Ignore malformed CSP nonce headers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/c4f69086cc8dcbd81b1dbc321c98ea874d90d6f8\"\u003e\u003ccode\u003ec4f6908\u003c/code\u003e\u003c/a\u003e router-server: guard upgrade proxy against absolute-url SSRF (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/77\"\u003e#77\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v15.0.3...v15.5.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.4.35 to 8.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003ePostCSS 8.5 brought API to work better with non-CSS sources like HTML, Vue.js/Svelte sources or CSS-in-JS.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e during \u003ca href=\"https://redirect.github.com/postcss/postcss/issues/1995\"\u003ehis work\u003c/a\u003e on \u003ca href=\"https://stylelint.io\"\u003eStylelint\u003c/a\u003e added \u003ccode\u003eInput#document\u003c/code\u003e in additional to \u003ccode\u003eInput#css\u003c/code\u003e.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eroot.source.input.document //=\u0026gt; \u0026quot;\u0026lt;p\u0026gt;Hello\u0026lt;/p\u0026gt;\r\n                           //    \u0026lt;style\u0026gt;\r\n                           //    p {\r\n                           //      color: green;\r\n                           //    }\r\n                           //    \u0026lt;/style\u0026gt;\u0026quot;\r\nroot.source.input.css      //=\u0026gt; \u0026quot;p {\r\n                           //      color: green;\r\n                           //    }\u0026quot;\r\n\u003cp\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eInput#document\u003c/code\u003e for sources like CSS-in-JS or HTML (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.4.49\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax without \u003ccode\u003esource.offset\u003c/code\u003e (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/33b9790263dc1562a46ce45d9532bd63e95b7986\"\u003e\u003ccode\u003e33b9790\u003c/code\u003e\u003c/a\u003e Release 8.5.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/536c79e4b01e58a3a56b09c3c0cf2323f4b9a28b\"\u003e\u003ccode\u003e536c79e\u003c/code\u003e\u003c/a\u003e Escape \u0026lt;/style\u0026gt; in CSS output (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2074\"\u003e#2074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/afa96b2a139ce625c4d27973313479c7c85f39d4\"\u003e\u003ccode\u003eafa96b2\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2073\"\u003e#2073\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/effe88bb87cabdc1876e02adbdd30f392f19f40d\"\u003e\u003ccode\u003eeffe88b\u003c/code\u003e\u003c/a\u003e Typo (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2072\"\u003e#2072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/3ee79a2c4a11e41d52db50b444eebe38299495ad\"\u003e\u003ccode\u003e3ee79a2\u003c/code\u003e\u003c/a\u003e Thread model (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/2e0683daca4dc2919211b03774f6b2d137136c01\"\u003e\u003ccode\u003e2e0683d\u003c/code\u003e\u003c/a\u003e Create incident response docs (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/fe88ac29c06b7b218be32994cdc6ca1525bdf2c9\"\u003e\u003ccode\u003efe88ac2\u003c/code\u003e\u003c/a\u003e Release 8.5.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/c551632496b87ab3f1965bfda5dc386b6c71963e\"\u003e\u003ccode\u003ec551632\u003c/code\u003e\u003c/a\u003e Avoid RegExp when we can use simple JS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/89a6b744060eb8dee743351c785a9fbe37d4525a\"\u003e\u003ccode\u003e89a6b74\u003c/code\u003e\u003c/a\u003e Move SECURITY.txt for docs folder to keep GitHub page cleaner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/6ceb8a46af9f9de821faee98f861bdf84617347b\"\u003e\u003ccode\u003e6ceb8a4\u003c/code\u003e\u003c/a\u003e Create SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.4.35...8.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cookie` from 0.5.0 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOverwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)  c66147c\n\u003cul\u003e\n\u003cli\u003eWhen \u003ccode\u003evalue\u003c/code\u003e was provided in \u003ccode\u003eserialize(key, value, { value })\u003c/code\u003e the value in \u003ccode\u003eoptions\u003c/code\u003e was used instead of the value passed as an argument\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003estringifyCookie\u003c/code\u003e and \u003ccode\u003eparseSetCookie\u003c/code\u003e methods (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/214\"\u003e#214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename existing methods for clarity (old method names remain for backward compatibility)\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eparse\u003c/code\u003e → \u003ccode\u003eparseCookie\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eserialize\u003c/code\u003e → \u003ccode\u003estringifySetCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)  00b0327\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLoosen cookie name/value validation (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: \u003ccode\u003eoptions.priority\u003c/code\u003e used incorrect fallback (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/207\"\u003e#207\u003c/a\u003e) by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd import example to README (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/190\"\u003e#190\u003c/a\u003e) by \u003ca href=\"https://github.com/isnifer\"\u003e\u003ccode\u003e@​isnifer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow case insensitive options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/194\"\u003e#194\u003c/a\u003e)  3bed080\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse modern JS features, ship TypeScript definition (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/175\"\u003e#175\u003c/a\u003e)  1cc64ff\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003e__esModule\u003c/code\u003e marker, imports need to use \u003ccode\u003eimport { parse, serialize }\u003c/code\u003e or \u003ccode\u003eimport * as cookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eMinimum node.js v18\u003c/li\u003e\n\u003cli\u003eUses null prototype object for \u003ccode\u003eparse\u003c/code\u003e return value\u003c/li\u003e\n\u003cli\u003eChanges \u003ccode\u003estrict\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e to match the lower case strings (i.e. \u003ccode\u003elow\u003c/code\u003e, not \u003ccode\u003eLOW\u003c/code\u003e or \u003ccode\u003eLow\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/1b89eec4e33256ac31962f4c0d6e711fff478803\"\u003e\u003ccode\u003e1b89eec\u003c/code\u003e\u003c/a\u003e 1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/c66147c053c74b256287aa7c0a4e63082d786fb2\"\u003e\u003ccode\u003ec66147c\u003c/code\u003e\u003c/a\u003e Overwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/09cec9fd32aa777ddbf51a115c53f30728eccfbc\"\u003e\u003ccode\u003e09cec9f\u003c/code\u003e\u003c/a\u003e 1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/05ebd34fd5a1cdad950f68fc7429cade7dfd6997\"\u003e\u003ccode\u003e05ebd34\u003c/code\u003e\u003c/a\u003e Add tests for parsing top sites (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6214eaf968d60681f3f7fe76797270332c3569c9\"\u003e\u003ccode\u003e6214eaf\u003c/code\u003e\u003c/a\u003e Add benchmark for \u003ccode\u003eparseSetCookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/247\"\u003e#247\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/71798d72650df42288f74e5ab49b65ec44df74fe\"\u003e\u003ccode\u003e71798d7\u003c/code\u003e\u003c/a\u003e Fix skip over of boolean attributes (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e41cf10c88b45893141f2ee2dc98b23bdb57f24\"\u003e\u003ccode\u003e9e41cf1\u003c/code\u003e\u003c/a\u003e build(deps): bump the npm_and_yarn group across 1 directory with 4 updates (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6fea50679a97f65b5d6e3d291b2dad5816fcfddc\"\u003e\u003ccode\u003e6fea506\u003c/code\u003e\u003c/a\u003e Add parse method for \u003ccode\u003eset-cookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/00b032721c4dc9aeb7d3814ce790eadb4ebde59b\"\u003e\u003ccode\u003e00b0327\u003c/code\u003e\u003c/a\u003e Add side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/94586de038f16960cd5eb91ee499313734b02ab7\"\u003e\u003ccode\u003e94586de\u003c/code\u003e\u003c/a\u003e feat: remove dependabot from repo (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/242\"\u003e#242\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.5.0...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/DingJun1028/esggo_original/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/DingJun1028/esggo_original/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DingJun1028%2Fesggo_original/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"4498791047","node_id":"PR_kwDOSkcNvs7eJp52","number":4,"state":"closed","title":"Bump the npm_and_yarn group across 1 directory with 25 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-22T00:24:26.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-22T00:23:54.000Z","updated_at":"2026-05-22T00:24:28.000Z","time_to_close":32,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":25,"packages":[{"name":"dottie","old_version":"2.0.6","new_version":"2.0.7","repository_url":"https://github.com/mickhansen/dottie.js"},{"name":"file-type","old_version":"16.5.4","new_version":"21.3.2","repository_url":"https://github.com/sindresorhus/file-type"},{"name":"multer","old_version":"1.4.5-lts.2","new_version":"2.1.1","repository_url":"https://github.com/expressjs/multer"},{"name":"sanitize-html","old_version":"1.4.2","new_version":"2.12.1","repository_url":"https://github.com/apostrophecms/apostrophe"},{"name":"sequelize","old_version":"6.37.7","new_version":"6.37.8","repository_url":"https://github.com/sequelize/sequelize"},{"name":"socket.io","old_version":"3.1.2","new_version":"4.6.2","repository_url":"https://github.com/socketio/socket.io"},{"name":"brace-expansion","old_version":"1.1.12","new_version":"2.1.0","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"2.3.2","new_version":"removed","repository_url":"https://github.com/micromatch/braces"},{"name":"@xmldom/xmldom","old_version":"0.8.11","new_version":"0.8.13","repository_url":"https://github.com/xmldom/xmldom"},{"name":"cookie","old_version":"0.4.2","new_version":"0.7.2","repository_url":"https://github.com/jshttp/cookie"},{"name":"crypto-js","old_version":"3.3.0","new_version":"removed","repository_url":"https://github.com/brix/crypto-js"},{"name":"diff","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"diff","old_version":"5.0.0","new_version":"5.2.2","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.15.11","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"handlebars","old_version":"4.7.8","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 15 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [dottie](https://github.com/mickhansen/dottie.js) | `2.0.6` | `2.0.7` |\n| [file-type](https://github.com/sindresorhus/file-type) | `16.5.4` | `21.3.2` |\n| [multer](https://github.com/expressjs/multer) | `1.4.5-lts.2` | `2.1.1` |\n| [sanitize-html](https://github.com/apostrophecms/apostrophe/tree/HEAD/packages/sanitize-html) | `1.4.2` | `2.12.1` |\n| [sequelize](https://github.com/sequelize/sequelize) | `6.37.7` | `6.37.8` |\n| [socket.io](https://github.com/socketio/socket.io) | `3.1.2` | `4.6.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `2.1.0` |\n| [braces](https://github.com/micromatch/braces) | `2.3.2` | `removed` |\n| [@xmldom/xmldom](https://github.com/xmldom/xmldom) | `0.8.11` | `0.8.13` |\n| [cookie](https://github.com/jshttp/cookie) | `0.4.2` | `0.7.2` |\n| [crypto-js](https://github.com/brix/crypto-js) | `3.3.0` | `removed` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [diff](https://github.com/kpdecker/jsdiff) | `5.0.0` | `5.2.2` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.11` | `1.16.0` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.8` | `4.7.9` |\n\n\nUpdates `dottie` from 2.0.6 to 2.0.7\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickhansen/dottie.js/commit/334c32b80ed536522b567ee6a844caf8e5fef9c3\"\u003e\u003ccode\u003e334c32b\u003c/code\u003e\u003c/a\u003e 2.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickhansen/dottie.js/commit/7e8fa1345a4b46325f0eab8d7aeb1c4deaefdb14\"\u003e\u003ccode\u003e7e8fa13\u003c/code\u003e\u003c/a\u003e fix: check all path segments for dangerous keys (bypass of CVE-2023-2… (\u003ca href=\"https://redirect.github.com/mickhansen/dottie.js/issues/43\"\u003e#43\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickhansen/dottie.js/commit/a72eb993212939d60a2801843ce3e968dfc5c6a6\"\u003e\u003ccode\u003ea72eb99\u003c/code\u003e\u003c/a\u003e Update test GitHub Action (\u003ca href=\"https://redirect.github.com/mickhansen/dottie.js/issues/40\"\u003e#40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mickhansen/dottie.js/compare/v2.0.6...v2.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `file-type` from 16.5.4 to 21.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sindresorhus/file-type/releases\"\u003efile-type's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev21.3.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix ZIP bomb in known-size ZIP probing (GHSA-j47w-4g3g-c36v)  a155cd7\u003c/li\u003e\n\u003cli\u003eFix bound recursive BOM and ID3 detection  370ed91\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.3.1...v21.3.2\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.3.1...v21.3.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix infinite loop in ASF parser on malformed input (\u003ca href=\"https://github.com/sindresorhus/file-type/security/advisories/GHSA-5v7r-6r5c-r473\"\u003ehttps://github.com/sindresorhus/file-type/security/advisories/GHSA-5v7r-6r5c-r473\u003c/a\u003e)  319abf8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.3.0...v21.3.1\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.3.0...v21.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Mach-O Universal (aka \u0026quot;Fat\u0026quot;) binaries and additional architectures (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/779\"\u003e#779\u003c/a\u003e)  d223491\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.2.0...v21.3.0\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.2.0...v21.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for SPSS data files (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/787\"\u003e#787\u003c/a\u003e)  889f638\u003c/li\u003e\n\u003cli\u003eAdd support for JMP (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/784\"\u003e#784\u003c/a\u003e)  093dba0\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.1.1...v21.2.0\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.1.1...v21.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.1.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix handling of partial Gunzip file (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/783\"\u003e#783\u003c/a\u003e)  710e053\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.1.0...v21.1.1\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.1.0...v21.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003e.tar.gz\u003c/code\u003e (gunzipped tarball file) (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/763\"\u003e#763\u003c/a\u003e)  eda03a7\u003c/li\u003e\n\u003cli\u003eAdd support for Windows registry (.reg) files   0db61ec 7d2ddcf\u003c/li\u003e\n\u003cli\u003eAdd support for Windows registry hive file (\u003ccode\u003e.dat\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/767\"\u003e#767\u003c/a\u003e)  f8d62be\u003c/li\u003e\n\u003cli\u003eFix: Handle partial unzip (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/773\"\u003e#773\u003c/a\u003e)  7ad3a90\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.0.0...v21.1.0\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.0.0...v21.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.0.0\u003c/h2\u003e\n\u003ch3\u003eBreaking\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/e18028c3cc19441477c3459991fee9770d88c218\"\u003e\u003ccode\u003ee18028c\u003c/code\u003e\u003c/a\u003e 21.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/a155cd71323279de173c54e8c530d300d3854fdd\"\u003e\u003ccode\u003ea155cd7\u003c/code\u003e\u003c/a\u003e Fix ZIP bomb in known-size ZIP probing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/69548179cca2c0ab6a0cc93af59392f8c351cab1\"\u003e\u003ccode\u003e6954817\u003c/code\u003e\u003c/a\u003e Harden parser more\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/370ed9185d112eea4d989fecb843597b1d94cf09\"\u003e\u003ccode\u003e370ed91\u003c/code\u003e\u003c/a\u003e Fix bound recursive BOM and ID3 detection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/d2ecea187c47b944a9c001ae7637f02baed0825a\"\u003e\u003ccode\u003ed2ecea1\u003c/code\u003e\u003c/a\u003e Add a few more safeguards\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/41fcff5de64cfb53da6b2b9c048ebea8213f32c2\"\u003e\u003ccode\u003e41fcff5\u003c/code\u003e\u003c/a\u003e Update readme\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/a8f6934ddd93c3e12cc4ecb0cfc3e8d816d4b9fd\"\u003e\u003ccode\u003ea8f6934\u003c/code\u003e\u003c/a\u003e Fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/ad5857e5384874e853cc9c4c29b867f1135a7c30\"\u003e\u003ccode\u003ead5857e\u003c/code\u003e\u003c/a\u003e 21.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/5d2fedf104dc5067b51a1f31410aa60052c74f64\"\u003e\u003ccode\u003e5d2fedf\u003c/code\u003e\u003c/a\u003e Harden parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/319abf871b50ba2fa221b4a7050059f1ae096f4f\"\u003e\u003ccode\u003e319abf8\u003c/code\u003e\u003c/a\u003e Fix infinite loop in ASF parser on malformed input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sindresorhus/file-type/compare/v16.5.4...v21.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `multer` from 1.4.5-lts.2 to 2.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/multer/releases\"\u003emulter's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.1\u003c/h2\u003e\n\u003ch2\u003eImportant\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-3520\"\u003eCVE-2026-3520\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/multer/security/advisories/GHSA-5528-5vmv-3xc2\"\u003eGHSA-5528-5vmv-3xc2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: add node version to 25.x in CI by \u003ca href=\"https://github.com/imangas\"\u003e\u003ccode\u003e@​imangas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1372\"\u003eexpressjs/multer#1372\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1378\"\u003eexpressjs/multer#1378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump coverallsapp/github-action from 1.2.5 to 2.3.6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1377\"\u003eexpressjs/multer#1377\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump github/codeql-action from 3.24.7 to 4.32.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1376\"\u003eexpressjs/multer#1376\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump actions/upload-artifact from 4.5.0 to 7.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1375\"\u003eexpressjs/multer#1375\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump actions/checkout from 4.1.1 to 6.0.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1374\"\u003eexpressjs/multer#1374\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix error/abort handling by \u003ca href=\"https://github.com/ctcpip\"\u003e\u003ccode\u003e@​ctcpip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1373\"\u003eexpressjs/multer#1373\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e2.1.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1380\"\u003eexpressjs/multer#1380\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/imangas\"\u003e\u003ccode\u003e@​imangas\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1372\"\u003eexpressjs/multer#1372\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1378\"\u003eexpressjs/multer#1378\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/multer/compare/v2.1.0...v2.1.1\"\u003ehttps://github.com/expressjs/multer/compare/v2.1.0...v2.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.1.0\u003c/h2\u003e\n\u003ch2\u003eImportant\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-2359\"\u003eCVE-2026-2359\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/multer/security/advisories/GHSA-v52c-386h-88mc\"\u003eGHSA-v52c-386h-88mc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-3304\"\u003eCVE-2026-3304\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/multer/security/advisories/GHSA-xf7r-hgr6-v32p\"\u003eGHSA-xf7r-hgr6-v32p\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1346\"\u003eexpressjs/multer#1346\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: drop mkdirp dependency by \u003ca href=\"https://github.com/wojtekmaj\"\u003e\u003ccode\u003e@​wojtekmaj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1350\"\u003eexpressjs/multer#1350\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: drop object-assign dependency by \u003ca href=\"https://github.com/wojtekmaj\"\u003e\u003ccode\u003e@​wojtekmaj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1351\"\u003eexpressjs/multer#1351\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: drop xtend dependency by \u003ca href=\"https://github.com/wojtekmaj\"\u003e\u003ccode\u003e@​wojtekmaj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1352\"\u003eexpressjs/multer#1352\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(gitignore): ignore .nyc_output directory by \u003ca href=\"https://github.com/ShubhamOulkar\"\u003e\u003ccode\u003e@​ShubhamOulkar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1332\"\u003eexpressjs/multer#1332\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in README-vi.md regarding file upload by \u003ca href=\"https://github.com/Kunniii\"\u003e\u003ccode\u003e@​Kunniii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1366\"\u003eexpressjs/multer#1366\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in README-pt-br.md for array method by \u003ca href=\"https://github.com/matheushbm192\"\u003e\u003ccode\u003e@​matheushbm192\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1367\"\u003eexpressjs/multer#1367\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eheaders-support-utf8 by \u003ca href=\"https://github.com/Doc999tor\"\u003e\u003ccode\u003e@​Doc999tor\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1210\"\u003eexpressjs/multer#1210\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Turkish translation (README-tr.md) by \u003ca href=\"https://github.com/Sabandogan\"\u003e\u003ccode\u003e@​Sabandogan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1360\"\u003eexpressjs/multer#1360\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 2.1.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1371\"\u003eexpressjs/multer#1371\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wojtekmaj\"\u003e\u003ccode\u003e@​wojtekmaj\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1350\"\u003eexpressjs/multer#1350\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ShubhamOulkar\"\u003e\u003ccode\u003e@​ShubhamOulkar\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1332\"\u003eexpressjs/multer#1332\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kunniii\"\u003e\u003ccode\u003e@​Kunniii\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1366\"\u003eexpressjs/multer#1366\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/matheushbm192\"\u003e\u003ccode\u003e@​matheushbm192\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1367\"\u003eexpressjs/multer#1367\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Doc999tor\"\u003e\u003ccode\u003e@​Doc999tor\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1210\"\u003eexpressjs/multer#1210\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Sabandogan\"\u003e\u003ccode\u003e@​Sabandogan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1360\"\u003eexpressjs/multer#1360\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/multer/compare/v2.0.2...v2.1.0\"\u003ehttps://github.com/expressjs/multer/compare/v2.0.2...v2.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/multer/blob/main/CHANGELOG.md\"\u003emulter's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.1.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-3520\"\u003eCVE-2026-3520\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/multer/security/advisories/GHSA-5528-5vmv-3xc2\"\u003eGHSA-5528-5vmv-3xc2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix error/abort handling\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003edefParamCharset\u003c/code\u003e option for UTF-8 filename support (\u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1210\"\u003e#1210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-2359\"\u003eCVE-2026-2359\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/multer/security/advisories/GHSA-v52c-386h-88mc\"\u003eGHSA-v52c-386h-88mc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-3304\"\u003eCVE-2026-3304\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/multer/security/advisories/GHSA-xf7r-hgr6-v32p\"\u003eGHSA-xf7r-hgr6-v32p\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-7338\"\u003eCVE-2025-7338\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/multer/security/advisories/GHSA-fjgf-rc76-4x9p\"\u003eGHSA-fjgf-rc76-4x9p\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-48997\"\u003eCVE-2025-48997\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/multer/security/advisories/GHSA-g5hg-p3ph-g8qg\"\u003eGHSA-g5hg-p3ph-g8qg\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBreaking change: The minimum supported Node version is now 10.16.0\u003c/strong\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-47935\"\u003eCVE-2025-47935\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/multer/security/advisories/GHSA-44fp-w29j-9vj5\"\u003eGHSA-44fp-w29j-9vj5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-47944\"\u003eCVE-2025-47944\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/multer/security/advisories/GHSA-4pg4-qvpc-4q3h\"\u003eGHSA-4pg4-qvpc-4q3h\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/multer/commit/368c8a10cca11854cf17c24029fefd1eafb1c059\"\u003e\u003ccode\u003e368c8a1\u003c/code\u003e\u003c/a\u003e 2.1.1 (\u003ca href=\"https://redirect.github.com/expressjs/multer/issues/1380\"\u003e#1380\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/multer/commit/7e66481f8b2e6c54b982b34c152479e096ce2752\"\u003e\u003ccode\u003e7e66481\u003c/code\u003e\u003c/a\u003e 🐛 fix recursion issue\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/multer/commit/643571ef85e9db94b87a777773f4d67156f82a3e\"\u003e\u003ccode\u003e643571e\u003c/code\u003e\u003c/a\u003e ✅ add explicit test for client able to send body without abrupt disconnect\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/multer/commit/e86fa523753f8d54ad0687bf52fb20044b6fa309\"\u003e\u003ccode\u003ee86fa52\u003c/code\u003e\u003c/a\u003e fix error/abort handling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/multer/commit/ca37779bf1f531a70af9977805380d0f51d293e2\"\u003e\u003ccode\u003eca37779\u003c/code\u003e\u003c/a\u003e chore(deps): bump actions/checkout from 4.1.1 to 6.0.2 (\u003ca href=\"https://redirect.github.com/expressjs/multer/issues/1374\"\u003e#1374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/multer/commit/13088f41e3bf8c3fc21d8c2867ffafb42470ed09\"\u003e\u003ccode\u003e13088f4\u003c/code\u003e\u003c/a\u003e chore(deps): bump actions/upload-artifact from 4.5.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/expressjs/multer/issues/1375\"\u003e#1375\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/multer/commit/bc6a1d1374f7ddc9baf9d22bf7c30f831c621e3a\"\u003e\u003ccode\u003ebc6a1d1\u003c/code\u003e\u003c/a\u003e chore(deps): bump github/codeql-action from 3.24.7 to 4.32.4 (\u003ca href=\"https://redirect.github.com/expressjs/multer/issues/1376\"\u003e#1376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/multer/commit/c496e931263a901ccfc0821ac21768ac23786f77\"\u003e\u003ccode\u003ec496e93\u003c/code\u003e\u003c/a\u003e chore(deps): bump coverallsapp/github-action from 1.2.5 to 2.3.6 (\u003ca href=\"https://redirect.github.com/expressjs/multer/issues/1377\"\u003e#1377\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/multer/commit/fa173d30d01f4e18a8be74570b2770c7230b8b05\"\u003e\u003ccode\u003efa173d3\u003c/code\u003e\u003c/a\u003e chore(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.3 (\u003ca href=\"https://redirect.github.com/expressjs/multer/issues/1378\"\u003e#1378\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/multer/commit/17d7f5193a237ebfd4c19274c7a6729538b4a9a0\"\u003e\u003ccode\u003e17d7f51\u003c/code\u003e\u003c/a\u003e chore: add node version to 25.x in CI\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/multer/compare/v1.4.5-lts.2...v2.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for multer since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sanitize-html` from 1.4.2 to 2.12.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apostrophecms/apostrophe/blob/main/packages/sanitize-html/CHANGELOG.md\"\u003esanitize-html's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.12.1 (2024-02-22)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDo not parse sourcemaps in \u003ccode\u003epost-css\u003c/code\u003e. This fixes a vulnerability in which information about the existence or non-existence of files on a server could be disclosed via properly crafted HTML input when the \u003ccode\u003estyle\u003c/code\u003e attribute is allowed by the configuration. Thanks to the \u003ca href=\"https://snyk.io/\"\u003eSnyk Security team\u003c/a\u003e for the disclosure and to \u003ca href=\"https://dylan.is/\"\u003eDylan Armstrong\u003c/a\u003e for the fix.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.12.0 (2024-02-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eIntroduced the \u003ccode\u003eallowedEmptyAttributes\u003c/code\u003e option, enabling explicit specification of empty string values for select attributes, with the default attribute set to \u003ccode\u003ealt\u003c/code\u003e. Thanks to \u003ca href=\"https://github.com/zhna123\"\u003eNa\u003c/a\u003e for the contribution.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eClarified the use of SVGs with a new test and changes to documentation. Thanks to \u003ca href=\"https://github.com/gkumar9891\"\u003eGauav Kumar\u003c/a\u003e for the contribution.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDo not process source maps when processing style tags with PostCSS.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.11.0 (2023-06-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix to allow \u003ccode\u003efalse\u003c/code\u003e in \u003ccode\u003eallowedClasses\u003c/code\u003e attributes. Thanks to \u003ca href=\"https://github.com/KevinSJ\"\u003eKevin Jiang\u003c/a\u003e for this fix!\u003c/li\u003e\n\u003cli\u003eUpgrade mocha version\u003c/li\u003e\n\u003cli\u003eApply small linter fixes in tests\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e.idea\u003c/code\u003e temp files to \u003ccode\u003e.gitignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThanks to \u003ca href=\"https://github.com/VitaliiShpital\"\u003eVitalii Shpital\u003c/a\u003e for the updates!\u003c/li\u003e\n\u003cli\u003eShow parseStyleAttributes warning in browser only. Thanks to \u003ca href=\"https://github.com/mog422\"\u003emog422\u003c/a\u003e for this update!\u003c/li\u003e\n\u003cli\u003eRemove empty non-boolean attributes via an exhaustive, configurable list of known non-boolean attributes. \u003ca href=\"https://github.com/dylanarmstrong\"\u003eThanks to Dylan Armstrong\u003c/a\u003e for this update!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.10.0 (2023-02-17)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix auto-adding escaped closing tags. In other words, do not add implied closing tags to disallowed tags when \u003ccode\u003edisallowedTagMode\u003c/code\u003e is set to any variant of \u003ccode\u003eescape\u003c/code\u003e -- just escape the disallowed tags that are present. This fixes [issue \u003ca href=\"https://github.com/apostrophecms/apostrophe/tree/HEAD/packages/sanitize-html/issues/464\"\u003e#464\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/apostrophecms/sanitize-html/issues/464\"\u003eapostrophecms/sanitize-html#464\u003c/a\u003e). Thanks to \u003ca href=\"https://github.com/dliebner\"\u003eDaniel Liebner\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003etagAllowed()\u003c/code\u003e helper function which takes a tag name and checks it against \u003ccode\u003eoptions.allowedTags\u003c/code\u003e and returns \u003ccode\u003etrue\u003c/code\u003e if the tag is allowed and \u003ccode\u003efalse\u003c/code\u003e if it is not.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.9.0 (2023-01-27)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option parseStyleAttributes to skip style parsing. This fixes [issue \u003ca href=\"https://github.com/apostrophecms/apostrophe/tree/HEAD/packages/sanitize-html/issues/547\"\u003e#547\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/apostrophecms/sanitize-html/issues/547\"\u003eapostrophecms/sanitize-html#547\u003c/a\u003e). Thanks to \u003ca href=\"https://github.com/bertyhell\"\u003eBert Verhelst\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.8.1 (2022-12-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIf the argument is a number, convert it to a string, for backwards compatibility. Thanks to \u003ca href=\"https://github.com/alexander-schranz\"\u003eAlexander Schranz\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.8.0 (2022-12-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrades \u003ccode\u003ehtmlparser2\u003c/code\u003e to new major version \u003ccode\u003e^8.0.0\u003c/code\u003e. Thanks to \u003ca href=\"https://github.com/kedarchandrayan\"\u003eKedar Chandrayan\u003c/a\u003e for this contribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.7.3 (2022-10-24)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIf allowedTags is falsy but not exactly \u003ccode\u003efalse\u003c/code\u003e, then do not assume that all tags are allowed. Rather, allow no tags in this case, to be on the safe side. This matches the existing documentation and fixes [issue \u003ca href=\"https://github.com/apostrophecms/apostrophe/tree/HEAD/packages/sanitize-html/issues/176\"\u003e#176\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/apostrophecms/sanitize-html/issues/176\"\u003eapostrophecms/sanitize-html#176\u003c/a\u003e). Thanks to \u003ca href=\"https://github.com/kedarchandrayan\"\u003eKedar Chandrayan\u003c/a\u003e for the fix.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.7.2 (2022-09-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClosing tags must agree with opening tags. This fixes [issue \u003ca href=\"https://github.com/apostrophecms/apostrophe/tree/HEAD/packages/sanitize-html/issues/549\"\u003e#549\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/apostrophecms/sanitize-html/issues/549\"\u003eapostrophecms/sanitize-html#549\u003c/a\u003e), in which closing tags not associated with any permitted opening tag could be passed through. No known exploit exists, but it's better not to permit this. Thanks to\n\u003ca href=\"https://github.com/kedarchandrayan\"\u003eKedar Chandrayan\u003c/a\u003e for the report and the fix.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.7.1 (2022-07-20)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/apostrophecms/apostrophe/commits/2.12.1/packages/sanitize-html\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sequelize` from 6.37.7 to 6.37.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sequelize/sequelize/releases\"\u003esequelize's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.37.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/sequelize/sequelize/compare/v6.37.7...v6.37.8\"\u003e6.37.8\u003c/a\u003e (2026-03-07)\u003c/h2\u003e\n\u003ch3\u003eSecurity improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003evalidate cast types in JSON where clauses (\u003ca href=\"https://github.com/sequelize/sequelize/commit/b1475280b82159c11b829b43568da370f598a9e4\"\u003eb147528\u003c/a\u003e) (\u003ca href=\"https://github.com/sequelize/sequelize/security/advisories/GHSA-6457-6jrx-69cr\"\u003eCVE-2026-30951\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sequelize/sequelize/commit/cb7f99ad05de56137672ab95586359ff6ceba004\"\u003e\u003ccode\u003ecb7f99a\u003c/code\u003e\u003c/a\u003e fix: validate cast types in JSON where clauses\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sequelize/sequelize/commit/b1475280b82159c11b829b43568da370f598a9e4\"\u003e\u003ccode\u003eb147528\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sequelize/sequelize/commit/4b8b5b94a09220f7aae1e96d6d19ff65695fc100\"\u003e\u003ccode\u003e4b8b5b9\u003c/code\u003e\u003c/a\u003e meta: Fix MSSQL CI (\u003ca href=\"https://redirect.github.com/sequelize/sequelize/issues/17931\"\u003e#17931\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/sequelize/sequelize/compare/v6.37.7...v6.37.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~wikirik\"\u003ewikirik\u003c/a\u003e, a new releaser for sequelize since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `socket.io` from 3.1.2 to 4.6.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io/releases\"\u003esocket.io's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esocket.io-parser@3.4.4\u003c/h2\u003e\n\u003cp\u003eThis release includes a fix for \u003ca href=\"https://github.com/socketio/socket.io/security/advisories/GHSA-677m-j7p3-52f9\"\u003eCVE-2026-33151\u003c/a\u003e. Please upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd a limit to the number of binary attachments (\u003ca href=\"https://github.com/socketio/socket.io/commit/719f9ebab0772ffb882bd614b387e585c1aa75d4\"\u003e719f9eb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esocket.io-parser@3.3.5\u003c/h2\u003e\n\u003cp\u003eThis release includes a fix for \u003ca href=\"https://github.com/socketio/socket.io/security/advisories/GHSA-677m-j7p3-52f9\"\u003eCVE-2026-33151\u003c/a\u003e. Please upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd a limit to the number of binary attachments (\u003ca href=\"https://github.com/socketio/socket.io/commit/9d39f1f080510f036782f2177fac701cc041faaf\"\u003e9d39f1f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esocket.io-parser@4.2.6\u003c/h2\u003e\n\u003cp\u003eThis release includes a fix for \u003ca href=\"https://github.com/socketio/socket.io/security/advisories/GHSA-677m-j7p3-52f9\"\u003eCVE-2026-33151\u003c/a\u003e. Please upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd a limit to the number of binary attachments (\u003ca href=\"https://github.com/socketio/socket.io/commit/b25738c416c4e32fbff62ee182afa8f6d0dacf78\"\u003eb25738c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esocket.io-parser@4.2.5\u003c/h2\u003e\n\u003cp\u003eThis release contains a bump of \u003ccode\u003edebug\u003c/code\u003e from \u003ccode\u003e~4.3.1\u003c/code\u003e to \u003ccode\u003e~4.4.1\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io/blob/4.6.2/CHANGELOG.md\"\u003esocket.io's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.6.1...4.6.2\"\u003e4.6.2\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eexports:\u003c/strong\u003e move \u003ccode\u003etypes\u003c/code\u003e condition to the top (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4698\"\u003e#4698\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/3d44aae381af38349fdb808d510d9f47a0c2507e\"\u003e3d44aae\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.4.0\"\u003e\u003ccode\u003eengine.io@~6.4.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.6.0...4.6.1\"\u003e4.6.1\u003c/a\u003e (2023-02-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eproperly handle manually created dynamic namespaces (\u003ca href=\"https://github.com/socketio/socket.io/commit/0d0a7a22b5ff95f864216c529114b7dd41738d1e\"\u003e0d0a7a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e fix nodenext module resolution compatibility (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4625\"\u003e#4625\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/d0b22c630208669aceb7ae013180c99ef90279b0\"\u003ed0b22c6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.4.0\"\u003e\u003ccode\u003eengine.io@~6.4.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.5.4...4.6.0\"\u003e4.6.0\u003c/a\u003e (2023-02-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd timeout method to remote socket (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4558\"\u003e#4558\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/0c0eb0016317218c2be3641e706cfaa9bea39a2d\"\u003e0c0eb00\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypings:\u003c/strong\u003e properly type emits with timeout (\u003ca href=\"https://github.com/socketio/socket.io/commit/f3ada7d8ccc02eeced2b9b9ac8e4bc921eb630d2\"\u003ef3ada7d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003ch4\u003ePromise-based acknowledgements\u003c/h4\u003e\n\u003cp\u003eThis commit adds some syntactic sugar around acknowledgements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eemitWithAck()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003etry {\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/faf914c9ab3e06a6e84fc91774a4182e58f8ae70\"\u003e\u003ccode\u003efaf914c\u003c/code\u003e\u003c/a\u003e chore(release): 4.6.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/15af22fc22bc6030fcead322c106f07640336115\"\u003e\u003ccode\u003e15af22f\u003c/code\u003e\u003c/a\u003e refactor: add a noop handler for the error event\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/d3658944e562e538db094ef298d274821984dea2\"\u003e\u003ccode\u003ed365894\u003c/code\u003e\u003c/a\u003e chore: bump socket.io-parser to version 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/12b0de4f524083c31b613ce33e4fd9f8d313f434\"\u003e\u003ccode\u003e12b0de4\u003c/code\u003e\u003c/a\u003e chore: bump engine.io to version 6.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/3d44aae381af38349fdb808d510d9f47a0c2507e\"\u003e\u003ccode\u003e3d44aae\u003c/code\u003e\u003c/a\u003e fix(exports): move \u003ccode\u003etypes\u003c/code\u003e condition to the top (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4698\"\u003e#4698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/cbf0362476a23a573233369f1119f7e305539336\"\u003e\u003ccode\u003ecbf0362\u003c/code\u003e\u003c/a\u003e docs(examples): bump dependencies for the private messaging example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/59280da20b5ab6509bafb87793cc0077d60d9c27\"\u003e\u003ccode\u003e59280da\u003c/code\u003e\u003c/a\u003e docs(examples): update examples to docker compose v2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/50a4d37cb82f2a14e058ae5a3038ee25796c2121\"\u003e\u003ccode\u003e50a4d37\u003c/code\u003e\u003c/a\u003e docs(changelog): add version of transitive dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/6458b2bef171aa0d7dea198297608ea2ed4b1db9\"\u003e\u003ccode\u003e6458b2b\u003c/code\u003e\u003c/a\u003e docs(example): basic WebSocket-only client\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/b56da8a99f4814d553064af175edcf747d5561d7\"\u003e\u003ccode\u003eb56da8a\u003c/code\u003e\u003c/a\u003e docs(examples): upgrade to React 18\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io/compare/3.1.2...4.6.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.12 to 2.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 2.x  14f1d91\u003c/li\u003e\n\u003cli\u003efmt  ed7780a\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  36603d5\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.0.2\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.0.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1ee4a9069c69a51bd502aab289c0c6629c8920ca\"\u003e\u003ccode\u003e1ee4a90\u003c/code\u003e\u003c/a\u003e 2.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/b0302ac153ecfaad66752aac79bf30d2895db8f1\"\u003e\u003ccode\u003eb0302ac\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v2 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/100\"\u003e#100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/73b5459d2ab973c984d01324769d306f66440c7e\"\u003e\u003ccode\u003e73b5459\u003c/code\u003e\u003c/a\u003e 2.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5\"\u003e\u003ccode\u003e311ac0d\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v to v2 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/a3efcee659ef0fb381e2b50d759c720900580a15\"\u003e\u003ccode\u003ea3efcee\u003c/code\u003e\u003c/a\u003e 2.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/14f1d91b0523ffb0c8bbe6a28dc98ddc56ae53bc\"\u003e\u003ccode\u003e14f1d91\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 2.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ed7780ab1cb8a7696f1813b5a945fcc70d8d1990\"\u003e\u003ccode\u003eed7780a\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/36603d5f3599a37af9e85eda30acd7d28599c36e\"\u003e\u003ccode\u003e36603d5\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/b9c0e57027317a8d0a56a7ccee28fc478d847da2\"\u003e\u003ccode\u003eb9c0e57\u003c/code\u003e\u003c/a\u003e 2.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/4d96d7dbca632806263efb0da8d1e9d8a2143cc2\"\u003e\u003ccode\u003e4d96d7d\u003c/code\u003e\u003c/a\u003e switch to fork of matcha that works on node\u0026gt;12\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.12...v2.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `braces`\n\nUpdates `micromatch` from 3.1.10 to 4.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/micromatch/releases\"\u003emicromatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.0.8\u003c/h2\u003e\n\u003cp\u003eUltimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We consider the issues low-priority, so even if you see automated scanners saying otherwise, don't be scared.\u003c/p\u003e\n\u003ch2\u003e4.0.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: Update picomatch to fix regression \u003ca href=\"https://redirect.github.com/micromatch/micromatch/issues/179\"\u003e#179\u003c/a\u003e (8becb55)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnforce newer version of picomatch with bugfixes\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md\"\u003emicromatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.0.8] - 2024-08-22\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebackported CVE-2024-4067 fix (from v4.0.6) over to 4.x branch\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.7] - 2024-05-22\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ethis is basically v4.0.5, with some README updates\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eit is vulnerable to CVE-2024-4067\u003c/strong\u003e\u003c/li\u003e\n\u003cli\u003eUpdated braces to v3.0.3 to avoid CVE-2024-4068\u003c/li\u003e\n\u003cli\u003edoes NOT break API compatibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.6] - 2024-05-21\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003ehasBraces\u003c/code\u003e to check if a pattern contains braces.\u003c/li\u003e\n\u003cli\u003eFixes CVE-2024-4067\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBREAKS API COMPATIBILITY\u003c/strong\u003e\u003c/li\u003e\n\u003cli\u003eShould be labeled as a major release, but it's not.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.1 - 4.0.5]\u003c/h2\u003e\n\u003ch2\u003e[4.0.0] - 2019-03-20\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdds support for \u003ccode\u003eoptions.onMatch\u003c/code\u003e. See the readme for details\u003c/li\u003e\n\u003cli\u003eAdds support for \u003ccode\u003eoptions.onIgnore\u003c/code\u003e. See the readme for details\u003c/li\u003e\n\u003cli\u003eAdds support for \u003ccode\u003eoptions.onResult\u003c/code\u003e. See the readme for details\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBreaking changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRequire Node.js \u0026gt;= 8.6\u003c/li\u003e\n\u003cli\u003eRemoved support for passing an array of brace patterns to \u003ccode\u003emicromatch.braces()\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eTo strictly enforce closing brackets (for \u003ccode\u003e{\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, and \u003ccode\u003e(\u003c/code\u003e), you must now use \u003ccode\u003estrictBrackets=true\u003c/code\u003e instead of \u003ccode\u003estrictErrors\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ecache\u003c/code\u003e - caching and all related options and methods have been removed\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eoptions.unixify\u003c/code\u003e was renamed to \u003ccode\u003eoptions.windows\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eoptions.nodupes\u003c/code\u003e Was removed. Duplicates are always removed by default. You can override this with custom behavior by using the \u003ccode\u003eonMatch\u003c/code\u003e, \u003ccode\u003eonResult\u003c/code\u003e and \u003ccode\u003eonIgnore\u003c/code\u003e functions.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eoptions.snapdragon\u003c/code\u003e was removed, as snapdragon is no longer used.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eoptions.sourcemap\u003c/code\u003e was removed, as snapdragon is no longer used, which provided sourcemap support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.0.0] - 2017-04-11\u003c/h2\u003e\n\u003cp\u003eComplete overhaul, with 36,000+ new unit tests validated against actual output generated by Bash and minimatch. More specifically, 35,000+ of the tests:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003emicromatch results are directly compared to bash results\u003c/li\u003e\n\u003cli\u003ein rare cases, when micromatch and bash disagree, micromatch's results are compared to minimatch's results\u003c/li\u003e\n\u003cli\u003emicromatch is much more accurate than minimatch, so there were cases where I had to make assumptions. I'll try to document these.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis refactor introduces a parser and compiler that are supersets of more granular parsers and compilers from other sub-modules. Each of these sub-modules has a singular responsibility and focuses on a certain type of matching that aligns with a specific part of the Bash \u0026quot;expansion\u0026quot; API.\u003c/p\u003e\n\u003cp\u003eThese sub-modules work like plugins to seamlessly create the micromatch parser/compiler, so that strings are parsed in one pass, an \u003ca href=\"https://gist.github.com/jonschlinkert/099c8914f56529f75bc757cc9e5e8e2a\"\u003eAST is created\u003c/a\u003e, then a new string is generated by the compiler.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/8bd704ec0d9894693d35da425d827819916be920\"\u003e\u003ccode\u003e8bd704e\u003c/code\u003e\u003c/a\u003e 4.0.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/a0e68416a44da10f3e4e30845ab95af4fd286d5a\"\u003e\u003ccode\u003ea0e6841\u003c/code\u003e\u003c/a\u003e run verb to generate README documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/4ec288484f6e8cccf597ad3d43529c31d0f7a02a\"\u003e\u003ccode\u003e4ec2884\u003c/code\u003e\u003c/a\u003e Merge branch 'v4' into hauserkristof-feature/v4.0.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/03aa8052171e878897eee5d7bb2ae0ae83ec2ade\"\u003e\u003ccode\u003e03aa805\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/micromatch/issues/266\"\u003e#266\u003c/a\u003e from hauserkristof/feature/v4.0.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/814f5f70efcd100ca9d29198867812a3d6ab91a8\"\u003e\u003ccode\u003e814f5f7\u003c/code\u003e\u003c/a\u003e lint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/67fcce6a1077c2faf5ad0c5f998fa70202cc5dae\"\u003e\u003ccode\u003e67fcce6\u003c/code\u003e\u003c/a\u003e fix: CHANGELOG about braces \u0026amp; CVE-2024-4068, v4.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/113f2e3fa7cb30b429eda7c4c38475a8e8ba1b30\"\u003e\u003ccode\u003e113f2e3\u003c/code\u003e\u003c/a\u003e fix: CVE numbers in CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/d9dbd9a266686f44afb38da26fe016f96d1ec04f\"\u003e\u003ccode\u003ed9dbd9a\u003c/code\u003e\u003c/a\u003e feat: updated CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/2ab13157f416679f54e3a32b1425e184bd16749e\"\u003e\u003ccode\u003e2ab1315\u003c/code\u003e\u003c/a\u003e fix: use actions/setup-node@v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/1406ea38f3e24b29f4d4f46908d5cffcb3e6c4ce\"\u003e\u003ccode\u003e1406ea3\u003c/code\u003e\u003c/a\u003e feat: rework test to work on macos with node 10,12 and 14\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/micromatch/compare/3.1.10...4.0.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@xmldom/xmldom` from 0.8.11 to 0.8.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/xmldom/xmldom/releases\"\u003e@​xmldom/xmldom's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.8.13\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.12...0.8.13\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer.serializeToString()\u003c/code\u003e (and \u003ccode\u003eNode.toString()\u003c/code\u003e, \u003ccode\u003eNodeList.toString()\u003c/code\u003e) now accept a \u003ccode\u003erequireWellFormed\u003c/code\u003e option (fourth argument, after \u003ccode\u003eisHtml\u003c/code\u003e and \u003ccode\u003enodeFilter\u003c/code\u003e). When \u003ccode\u003e{ requireWellFormed: true }\u003c/code\u003e is passed, the serializer throws \u003ccode\u003eInvalidStateError\u003c/code\u003e for injection-prone node content, preventing XML injection via attacker-controlled node data. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-j759-j44w-7fr8\"\u003e\u003ccode\u003eGHSA-j759-j44w-7fr8\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-x6wf-f3px-wcqx\"\u003e\u003ccode\u003eGHSA-x6wf-f3px-wcqx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-f6ww-3ggp-fr8h\"\u003e\u003ccode\u003eGHSA-f6ww-3ggp-fr8h\u003c/code\u003e\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eComment: throws when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e--\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eProcessingInstruction: throws when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e?\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDocumentType: throws when \u003ccode\u003epublicId\u003c/code\u003e fails \u003ccode\u003ePubidLiteral\u003c/code\u003e, \u003ccode\u003esystemId\u003c/code\u003e fails \u003ccode\u003eSystemLiteral\u003c/code\u003e, or \u003ccode\u003einternalSubset\u003c/code\u003e contains \u003ccode\u003e]\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eSecurity: DOM traversal operations (\u003ccode\u003eXMLSerializer.serializeToString()\u003c/code\u003e, \u003ccode\u003eNode.prototype.normalize()\u003c/code\u003e, \u003ccode\u003eNode.prototype.cloneNode(true)\u003c/code\u003e, \u003ccode\u003eDocument.prototype.importNode(node, true)\u003c/code\u003e, \u003ccode\u003enode.textContent\u003c/code\u003e getter, \u003ccode\u003egetElementsByTagName()\u003c/code\u003e / \u003ccode\u003egetElementsByTagNameNS()\u003c/code\u003e / \u003ccode\u003egetElementsByClassName()\u003c/code\u003e / \u003ccode\u003egetElementById()\u003c/code\u003e) are now iterative. Previously, deeply nested DOM trees would exhaust the JavaScript call stack and throw an unrecoverable \u003ccode\u003eRangeError\u003c/code\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-2v35-w6hq-6mfw\"\u003e\u003ccode\u003eGHSA-2v35-w6hq-6mfw\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/Jvr2022\"\u003e\u003ccode\u003e@​Jvr2022\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/praveen-kv\"\u003e\u003ccode\u003e@​praveen-kv\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/decsecre583\"\u003e\u003ccode\u003e@​decsecre583\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/tlsbollei\"\u003e\u003ccode\u003e@​tlsbollei\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/KarimTantawey\"\u003e\u003ccode\u003e@​KarimTantawey\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003ch2\u003e0.8.12\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epreserve trailing whitespace in ProcessingInstruction data \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/962\"\u003e\u003ccode\u003e[#962](https://github.com/xmldom/xmldom/issues/962)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/42\"\u003e\u003ccode\u003e[#42](https://github.com/xmldom/xmldom/issues/42)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003ecreateCDATASection\u003c/code\u003e now throws \u003ccode\u003eInvalidCharacterError\u003c/code\u003e when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e, as required by the \u003ca href=\"https://dom.spec.whatwg.org/#dom-document-createcdatasection\"\u003eWHATWG DOM spec\u003c/a\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer\u003c/code\u003e now splits CDATASection nodes whose data contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e into adjacent CDATA sections at serialization time, preventing XML injection via mutation methods (\u003ccode\u003eappendData\u003c/code\u003e, \u003ccode\u003ereplaceData\u003c/code\u003e, \u003ccode\u003e.data =\u003c/code\u003e, \u003ccode\u003e.textContent =\u003c/code\u003e). \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCode that passes a string containing \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e to \u003ccode\u003ecreateCDATASection\u003c/code\u003e and relied on the previously unsafe behavior will now receive \u003ccode\u003eInvalidCharacterError\u003c/code\u003e. Use a mutation method such as \u003ccode\u003eappendData\u003c/code\u003e if you intentionally need \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e in a CDATASection node's data.\u003c/p\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/thesmartshadow\"\u003e\u003ccode\u003e@​thesmartshadow\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/stevenobiajulu\"\u003e\u003ccode\u003e@​stevenobiajulu\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/discussions/357\"\u003ehttps://github.com/xmldom/xmldom/discussions/357\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/xmldom/xmldom/blob/master/CHANGELOG.md\"\u003e@​xmldom/xmldom's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.12...0.8.13\"\u003e0.8.13\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer.serializeToString()\u003c/code\u003e (and \u003ccode\u003eNode.toString()\u003c/code\u003e, \u003ccode\u003eNodeList.toString()\u003c/code\u003e) now accept a \u003ccode\u003erequireWellFormed\u003c/code\u003e option (fourth argument, after \u003ccode\u003eisHtml\u003c/code\u003e and \u003ccode\u003enodeFilter\u003c/code\u003e). When \u003ccode\u003e{ requireWellFormed: true }\u003c/code\u003e is passed, the serializer throws \u003ccode\u003eInvalidStateError\u003c/code\u003e for injection-prone node content, preventing XML injection via attacker-controlled node data. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-j759-j44w-7fr8\"\u003e\u003ccode\u003eGHSA-j759-j44w-7fr8\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-x6wf-f3px-wcqx\"\u003e\u003ccode\u003eGHSA-x6wf-f3px-wcqx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-f6ww-3ggp-fr8h\"\u003e\u003ccode\u003eGHSA-f6ww-3ggp-fr8h\u003c/code\u003e\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eComment: throws when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e--\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eProcessingInstruction: throws when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e?\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDocumentType: throws when \u003ccode\u003epublicId\u003c/code\u003e fails \u003ccode\u003ePubidLiteral\u003c/code\u003e, \u003ccode\u003esystemId\u003c/code\u003e fails \u003ccode\u003eSystemLiteral\u003c/code\u003e, or \u003ccode\u003einternalSubset\u003c/code\u003e contains \u003ccode\u003e]\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eSecurity: DOM traversal operations (\u003ccode\u003eXMLSerializer.serializeToString()\u003c/code\u003e, \u003ccode\u003eNode.prototype.normalize()\u003c/code\u003e, \u003ccode\u003eNode.prototype.cloneNode(true)\u003c/code\u003e, \u003ccode\u003eDocument.prototype.importNode(node, true)\u003c/code\u003e, \u003ccode\u003enode.textContent\u003c/code\u003e getter, \u003ccode\u003egetElementsByTagName()\u003c/code\u003e / \u003ccode\u003egetElementsByTagNameNS()\u003c/code\u003e / \u003ccode\u003egetElementsByClassName()\u003c/code\u003e / \u003ccode\u003egetElementById()\u003c/code\u003e) are now iterative. Previously, deeply nested DOM trees would exhaust the JavaScript call stack and throw an unrecoverable \u003ccode\u003eRangeError\u003c/code\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-2v35-w6hq-6mfw\"\u003e\u003ccode\u003eGHSA-2v35-w6hq-6mfw\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/Jvr2022\"\u003e\u003ccode\u003e@​Jvr2022\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/praveen-kv\"\u003e\u003ccode\u003e@​praveen-kv\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/decsecre583\"\u003e\u003ccode\u003e@​decsecre583\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/tlsbollei\"\u003e\u003ccode\u003e@​tlsbollei\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/KarimTantawey\"\u003e\u003ccode\u003e@​KarimTantawey\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.9.8...0.9.9\"\u003e0.9.9\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimplement \u003ccode\u003eParentNode.children\u003c/code\u003e getter \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/960\"\u003e\u003ccode\u003e[#960](https://github.com/xmldom/xmldom/issues/960)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/410\"\u003e\u003ccode\u003e[#410](https://github.com/xmldom/xmldom/issues/410)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: \u003ccode\u003ecreateCDATASection\u003c/code\u003e now throws \u003ccode\u003eInvalidCharacterError\u003c/code\u003e when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e, as required by the \u003ca href=\"https://dom.spec.whatwg.org/#dom-document-createcdatasection\"\u003eWHATWG DOM spec\u003c/a\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer\u003c/code\u003e now splits CDATASection nodes whose data contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e into adjacent CDATA sections at serialization time, preventing XML injection via mutation methods (\u003ccode\u003eappendData\u003c/code\u003e, \u003ccode\u003ereplaceData\u003c/code\u003e, \u003ccode\u003e.data =\u003c/code\u003e, \u003ccode\u003e.textContent =\u003c/code\u003e). \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ecorrectly traverse ancestor chain in \u003ccode\u003eNode.contains\u003c/code\u003e \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/931\"\u003e\u003ccode\u003e[#931](https://github.com/xmldom/xmldom/issues/931)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCode that passes a string containing \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e to \u003ccode\u003ecreateCDATASection\u003c/code\u003e and relied on the previously unsafe behavior will now receive \u003ccode\u003eInvalidCharacterError\u003c/code\u003e. Use a mutation method such as \u003ccode\u003eappendData\u003c/code\u003e if you intentionally need \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e in a CDATASection node's data.\u003c/p\u003e\n\u003ch3\u003eChore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdated dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/stevenobiajulu\"\u003e\u003ccode\u003e@​stevenobiajulu\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/yoshi389111\"\u003e\u003ccode\u003e@​yoshi389111\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/thesmartshadow\"\u003e\u003ccode\u003e@​thesmartshadow\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12\"\u003e0.8.12\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epreserve trailing whitespace in ProcessingInstruction data \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/962\"\u003e\u003ccode\u003e[#962](https://github.com/xmldom/xmldom/issues/962)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/42\"\u003e\u003ccode\u003e[#42](https://github.com/xmldom/xmldom/issues/42)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/e5c14802592685bb872c042c54c3f73758875c85\"\u003e\u003ccode\u003ee5c1480\u003c/code\u003e\u003c/a\u003e 0.8.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/9611e20d75f059dc377f806a8f7ee7d1eaeaeb7c\"\u003e\u003ccode\u003e9611e20\u003c/code\u003e\u003c/a\u003e style: drop unused import in test file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/dc4dff3d1d0b5a6b97c52fcc1823a735b8821e62\"\u003e\u003ccode\u003edc4dff3\u003c/code\u003e\u003c/a\u003e docs: add 0.8.13 changelog entry\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/842fa38deedd2d9a9c90d0ad54aa1be75d2a41bc\"\u003e\u003ccode\u003e842fa38\u003c/code\u003e\u003c/a\u003e fix: prevent stack overflow in normalize (GHSA-2v35-w6hq-6mfw)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/aeff69f5a32e8c1bd540683da9e10718f84f595c\"\u003e\u003ccode\u003eaeff69f\u003c/code\u003e\u003c/a\u003e test: add normalize behavioral coverage to node.test.js\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/cbdb0d7db8ae70760bd4cc181cb8f30bb0cd9d88\"\u003e\u003ccode\u003ecbdb0d7\u003c/code\u003e\u003c/a\u003e fix: make walkDOM iterative to prevent stack overflow (GHSA-2v35-w6hq-6mfw)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/0b543d31794dc198c86a0358574cb5dec29674c5\"\u003e\u003ccode\u003e0b543d3\u003c/code\u003e\u003c/a\u003e test: assert namespace declarations are isolated between siblings in serializ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/c007c51909587990c962cf3d5c2acadf4c897b87\"\u003e\u003ccode\u003ec007c51\u003c/code\u003e\u003c/a\u003e refactor: migrate serializeToString to walkDOM\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/2bb3899074820089d9e76ce28a5edfdacf425025\"\u003e\u003ccode\u003e2bb3899\u003c/code\u003e\u003c/a\u003e test: add serializeToString coverage for uncovered branches\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/e69f38d0a58731152d300e8c8eb29506f5f488fe\"\u003e\u003ccode\u003ee69f38d\u003c/code\u003e\u003c/a\u003e refactor: migrate importNode to walkDOM\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.11...0.8.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~karfau\"\u003ekarfau\u003c/a\u003e, a new releaser for \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cookie` from 0.4.2 to 0.7.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)  bc38ffd\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eAlthough not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd fast path for \u003ccode\u003eserialize\u003c/code\u003e without options, use \u003ccode\u003eobj.hasOwnProperty\u003c/code\u003e when parsing (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eperf: parse cookies ~10% faster (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e by \u003ca href=\"https://github.com/kurtextrem\"\u003e\u003ccode\u003e@​kurtextrem\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: narrow the validation of cookies to match RFC6265 (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/167\"\u003e#167\u003c/a\u003e by \u003ca href=\"https://github.com/bewinsnw\"\u003e\u003ccode\u003e@​bewinsnw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: add \u003ccode\u003emain\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e for rspack (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/166\"\u003e#166\u003c/a\u003e by \u003ca href=\"https://github.com/proudparrot2\"\u003e\u003ccode\u003e@​proudparrot2\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\"\u003ehttps://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003epartitioned\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003epriority\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eexpires\u003c/code\u003e option to reject invalid dates\u003c/li\u003e\n\u003cli\u003epref: improve default decode speed\u003c/li\u003e\n\u003cli\u003epref: remove slow string split in parse\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/d19eaa1a2bb9ca43ac0951edd852ba4e88e410e0\"\u003e\u003ccode\u003ed19eaa1\u003c/code\u003e\u003c/a\u003e 0.7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/bc38ffd0eae716b199236dda061d0bdc74192dd3\"\u003e\u003ccode\u003ebc38ffd\u003c/code\u003e\u003c/a\u003e Fix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/cf4658f492c5bd96aeaf5693c3500f8495031014\"\u003e\u003ccode\u003ecf4658f\u003c/code\u003e\u003c/a\u003e 0.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6a8b8f5a49af7897b98ebfb29a1c4955afa3d33e\"\u003e\u003ccode\u003e6a8b8f5\u003c/code\u003e\u003c/a\u003e Allow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/58015c0b93de0b63db245cfdc5a108e511a81ad0\"\u003e\u003ccode\u003e58015c0\u003c/code\u003e\u003c/a\u003e Remove more code and perf wins (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/ab057d6c06b94a7b1e3358e69a685ae49c97b627\"\u003e\u003ccode\u003eab057d6\u003c/code\u003e\u003c/a\u003e 0.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/5f02ca87688481dbcf155e49ca8b61732f30e542\"\u003e\u003ccode\u003e5f02ca8\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/a5d591ce8447dd63821779724f96ad3c774c8579\"\u003e\u003ccode\u003ea5d591c\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/51968f94b5e820adeceef505539fa193ffe2d105\"\u003e\u003ccode\u003e51968f9\u003c/code\u003e\u003c/a\u003e Skip isNaN\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e7ca51ade4b325307eedd6b4dec190983e9e2cc\"\u003e\u003ccode\u003e9e7ca51\u003c/code\u003e\u003c/a\u003e perf(parse): cache length, return early (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.4.2...v0.7.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `crypto-js`\n\nUpdates `diff` from 4.0.2 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 4.0.2 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev4.0.3 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/f06f3e4cacad5955caf891a8a02c5bb1c954bcb5\"\u003e\u003ccode\u003ef06f3e4\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/0179a484ffaec7c8d5d6b69d8c3905473383de75\"\u003e\u003ccode\u003e0179a48\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4568cae5ae7646962bf3c5641907d1fb5af90683\"\u003e\u003ccode\u003e4568cae\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4de0ffa13ad51db7a27567c2b870fb4e43f0814a\"\u003e\u003ccode\u003e4de0ffa\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v4.0.2...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~explodingcabbage\"\u003eexplodingcabbage\u003c/a\u003e, a new releaser for diff since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 5.0.0 to 5.2.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 4.0.2 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev4.0.3 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/f06f3e4cacad5955caf891a8a02c5bb1c954bcb5\"\u003e\u003ccode\u003ef06f3e4\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/0179a484ffaec7c8d5d6b69d8c3905473383de75\"\u003e\u003ccode\u003e0179a48\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4568cae5ae7646962bf3c5641907d1fb5af90683\"\u003e\u003ccode\u003e4568cae\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4de0ffa13ad51db7a27567c2b870fb4e43f0814a\"\u003e\u003ccode\u003e4de0ffa\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v4.0.2...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~explodingcabbage\"\u003eexplodingcabbage\u003c/a\u003e, a new releaser for diff since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.3 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.15.11 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.15.11...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.7.8 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca ...\n\n_Description has been truncated_","html_url":"https://github.com/fujimakis-sss/juice-shop/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/fujimakis-sss%2Fjuice-shop/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"},{"uuid":"4498653248","node_id":"PR_kwDOIt273s7eJOF_","number":557,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 1 directory with 5 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-21T23:45:52.000Z","updated_at":"2026-05-21T23:46:25.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":5,"packages":[{"name":"minimatch","old_version":"3.1.2","new_version":"9.0.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"@xmldom/xmldom","old_version":"0.8.10","new_version":"0.8.13","repository_url":"https://github.com/xmldom/xmldom"},{"name":"cookie","old_version":"0.4.2","new_version":"1.1.1","repository_url":"https://github.com/jshttp/cookie"},{"name":"flatted","old_version":"3.2.9","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"lodash","old_version":"4.17.23","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 5 updates in the /web directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `9.0.9` |\n| [@xmldom/xmldom](https://github.com/xmldom/xmldom) | `0.8.10` | `0.8.13` |\n| [cookie](https://github.com/jshttp/cookie) | `0.4.2` | `1.1.1` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.9` | `3.4.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.23` | `4.18.1` |\n\n\nUpdates `minimatch` from 3.1.2 to 9.0.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/minimatch/blob/main/changelog.md\"\u003eminimatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echange log\u003c/h1\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003ebraceExpandMax\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003emagicalBraces\u003c/code\u003e option for \u003ccode\u003eescape\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003emakeRe\u003c/code\u003e when \u003ccode\u003epartial: true\u003c/code\u003e is set.\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003emakeRe\u003c/code\u003e when pattern ends in a final \u003ccode\u003e**\u003c/code\u003e path part.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRequire node 20 or 22 and higher\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo default export, only named exports.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRecursive descent parser for extglob, allowing correct support\nfor arbitrarily nested extglob expressions\u003c/li\u003e\n\u003cli\u003eBump required Node.js version\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eescape()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eunescape()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eMinimatch.hasMagic()\u003c/code\u003e method\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for posix character classes in a unicode-aware way.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003ewindowsNoMagicRoot\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eoptimizationLevel\u003c/code\u003e configuration option, and revert the\ndefault back to the 6.2 style minimal optimizations, making the\nadvanced transforms introduced in 7.0 opt-in. Also, process\nprovided file paths in the same way in optimizationLevel:2\nmode, so \u003cem\u003emost\u003c/em\u003e things that matched with optimizationLevel 1 or\n0 \u003cem\u003eshould\u003c/em\u003e match with level 2 as well. However, level 1 is the\ndefault, out of an abundance of caution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/8a10e473e2e0ff03c2d4de308f257093af2bce21\"\u003e\u003ccode\u003e8a10e47\u003c/code\u003e\u003c/a\u003e 9.0.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/c6f180636cebd4de2f9af7ef29ca4c9bf2eeef02\"\u003e\u003ccode\u003ec6f1806\u003c/code\u003e\u003c/a\u003e brace-expansion@2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/446cfa3e2aa3ef45bd4a27fa4418221e158489f6\"\u003e\u003ccode\u003e446cfa3\u003c/code\u003e\u003c/a\u003e 9.0.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/8fa151ab95fd4e2acd6e1a81f10d02dc7c1098d3\"\u003e\u003ccode\u003e8fa151a\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/71b78a2a4cad3a40af08a39c065e71bbf69ea7f7\"\u003e\u003ccode\u003e71b78a2\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/2de496f6d9362dd92460f35ffa6ff8de2907244b\"\u003e\u003ccode\u003e2de496f\u003c/code\u003e\u003c/a\u003e 9.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/0d4616de9193bf1d359271662e92657bb51b2f75\"\u003e\u003ccode\u003e0d4616d\u003c/code\u003e\u003c/a\u003e limit nested extglob recursion, flatten extglobs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7117ef381e74deace1c62a74d2298c8fe61d10ca\"\u003e\u003ccode\u003e7117ef3\u003c/code\u003e\u003c/a\u003e 9.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/2418458b7fe82e0a1fd1a1b6f618c41c90b9848a\"\u003e\u003ccode\u003e2418458\u003c/code\u003e\u003c/a\u003e update deps, do not checkin dist\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1d1f531009d5e4a86083de37e5ef3f301e073986\"\u003e\u003ccode\u003e1d1f531\u003c/code\u003e\u003c/a\u003e update deps\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v9.0.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@xmldom/xmldom` from 0.8.10 to 0.8.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/xmldom/xmldom/releases\"\u003e@​xmldom/xmldom's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.8.13\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.12...0.8.13\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer.serializeToString()\u003c/code\u003e (and \u003ccode\u003eNode.toString()\u003c/code\u003e, \u003ccode\u003eNodeList.toString()\u003c/code\u003e) now accept a \u003ccode\u003erequireWellFormed\u003c/code\u003e option (fourth argument, after \u003ccode\u003eisHtml\u003c/code\u003e and \u003ccode\u003enodeFilter\u003c/code\u003e). When \u003ccode\u003e{ requireWellFormed: true }\u003c/code\u003e is passed, the serializer throws \u003ccode\u003eInvalidStateError\u003c/code\u003e for injection-prone node content, preventing XML injection via attacker-controlled node data. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-j759-j44w-7fr8\"\u003e\u003ccode\u003eGHSA-j759-j44w-7fr8\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-x6wf-f3px-wcqx\"\u003e\u003ccode\u003eGHSA-x6wf-f3px-wcqx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-f6ww-3ggp-fr8h\"\u003e\u003ccode\u003eGHSA-f6ww-3ggp-fr8h\u003c/code\u003e\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eComment: throws when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e--\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eProcessingInstruction: throws when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e?\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDocumentType: throws when \u003ccode\u003epublicId\u003c/code\u003e fails \u003ccode\u003ePubidLiteral\u003c/code\u003e, \u003ccode\u003esystemId\u003c/code\u003e fails \u003ccode\u003eSystemLiteral\u003c/code\u003e, or \u003ccode\u003einternalSubset\u003c/code\u003e contains \u003ccode\u003e]\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eSecurity: DOM traversal operations (\u003ccode\u003eXMLSerializer.serializeToString()\u003c/code\u003e, \u003ccode\u003eNode.prototype.normalize()\u003c/code\u003e, \u003ccode\u003eNode.prototype.cloneNode(true)\u003c/code\u003e, \u003ccode\u003eDocument.prototype.importNode(node, true)\u003c/code\u003e, \u003ccode\u003enode.textContent\u003c/code\u003e getter, \u003ccode\u003egetElementsByTagName()\u003c/code\u003e / \u003ccode\u003egetElementsByTagNameNS()\u003c/code\u003e / \u003ccode\u003egetElementsByClassName()\u003c/code\u003e / \u003ccode\u003egetElementById()\u003c/code\u003e) are now iterative. Previously, deeply nested DOM trees would exhaust the JavaScript call stack and throw an unrecoverable \u003ccode\u003eRangeError\u003c/code\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-2v35-w6hq-6mfw\"\u003e\u003ccode\u003eGHSA-2v35-w6hq-6mfw\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/Jvr2022\"\u003e\u003ccode\u003e@​Jvr2022\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/praveen-kv\"\u003e\u003ccode\u003e@​praveen-kv\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/decsecre583\"\u003e\u003ccode\u003e@​decsecre583\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/tlsbollei\"\u003e\u003ccode\u003e@​tlsbollei\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/KarimTantawey\"\u003e\u003ccode\u003e@​KarimTantawey\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003ch2\u003e0.8.12\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epreserve trailing whitespace in ProcessingInstruction data \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/962\"\u003e\u003ccode\u003e[#962](https://github.com/xmldom/xmldom/issues/962)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/42\"\u003e\u003ccode\u003e[#42](https://github.com/xmldom/xmldom/issues/42)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003ecreateCDATASection\u003c/code\u003e now throws \u003ccode\u003eInvalidCharacterError\u003c/code\u003e when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e, as required by the \u003ca href=\"https://dom.spec.whatwg.org/#dom-document-createcdatasection\"\u003eWHATWG DOM spec\u003c/a\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer\u003c/code\u003e now splits CDATASection nodes whose data contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e into adjacent CDATA sections at serialization time, preventing XML injection via mutation methods (\u003ccode\u003eappendData\u003c/code\u003e, \u003ccode\u003ereplaceData\u003c/code\u003e, \u003ccode\u003e.data =\u003c/code\u003e, \u003ccode\u003e.textContent =\u003c/code\u003e). \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCode that passes a string containing \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e to \u003ccode\u003ecreateCDATASection\u003c/code\u003e and relied on the previously unsafe behavior will now receive \u003ccode\u003eInvalidCharacterError\u003c/code\u003e. Use a mutation method such as \u003ccode\u003eappendData\u003c/code\u003e if you intentionally need \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e in a CDATASection node's data.\u003c/p\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/thesmartshadow\"\u003e\u003ccode\u003e@​thesmartshadow\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/stevenobiajulu\"\u003e\u003ccode\u003e@​stevenobiajulu\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/discussions/357\"\u003ehttps://github.com/xmldom/xmldom/discussions/357\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.8.11\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.10...0.8.11\"\u003e0.8.11\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate \u003ccode\u003eownerDocument\u003c/code\u003e when moving nodes between documents \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/933\"\u003e\u003ccode\u003e[#933](https://github.com/xmldom/xmldom/issues/933)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/932\"\u003e\u003ccode\u003e[#932](https://github.com/xmldom/xmldom/issues/932)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you, \u003ca href=\"https://github.com/shunkica\"\u003e\u003ccode\u003e@​shunkica\u003c/code\u003e\u003c/a\u003e, for your contributions\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/xmldom/xmldom/blob/master/CHANGELOG.md\"\u003e@​xmldom/xmldom's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.12...0.8.13\"\u003e0.8.13\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer.serializeToString()\u003c/code\u003e (and \u003ccode\u003eNode.toString()\u003c/code\u003e, \u003ccode\u003eNodeList.toString()\u003c/code\u003e) now accept a \u003ccode\u003erequireWellFormed\u003c/code\u003e option (fourth argument, after \u003ccode\u003eisHtml\u003c/code\u003e and \u003ccode\u003enodeFilter\u003c/code\u003e). When \u003ccode\u003e{ requireWellFormed: true }\u003c/code\u003e is passed, the serializer throws \u003ccode\u003eInvalidStateError\u003c/code\u003e for injection-prone node content, preventing XML injection via attacker-controlled node data. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-j759-j44w-7fr8\"\u003e\u003ccode\u003eGHSA-j759-j44w-7fr8\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-x6wf-f3px-wcqx\"\u003e\u003ccode\u003eGHSA-x6wf-f3px-wcqx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-f6ww-3ggp-fr8h\"\u003e\u003ccode\u003eGHSA-f6ww-3ggp-fr8h\u003c/code\u003e\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eComment: throws when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e--\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eProcessingInstruction: throws when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e?\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDocumentType: throws when \u003ccode\u003epublicId\u003c/code\u003e fails \u003ccode\u003ePubidLiteral\u003c/code\u003e, \u003ccode\u003esystemId\u003c/code\u003e fails \u003ccode\u003eSystemLiteral\u003c/code\u003e, or \u003ccode\u003einternalSubset\u003c/code\u003e contains \u003ccode\u003e]\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eSecurity: DOM traversal operations (\u003ccode\u003eXMLSerializer.serializeToString()\u003c/code\u003e, \u003ccode\u003eNode.prototype.normalize()\u003c/code\u003e, \u003ccode\u003eNode.prototype.cloneNode(true)\u003c/code\u003e, \u003ccode\u003eDocument.prototype.importNode(node, true)\u003c/code\u003e, \u003ccode\u003enode.textContent\u003c/code\u003e getter, \u003ccode\u003egetElementsByTagName()\u003c/code\u003e / \u003ccode\u003egetElementsByTagNameNS()\u003c/code\u003e / \u003ccode\u003egetElementsByClassName()\u003c/code\u003e / \u003ccode\u003egetElementById()\u003c/code\u003e) are now iterative. Previously, deeply nested DOM trees would exhaust the JavaScript call stack and throw an unrecoverable \u003ccode\u003eRangeError\u003c/code\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-2v35-w6hq-6mfw\"\u003e\u003ccode\u003eGHSA-2v35-w6hq-6mfw\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/Jvr2022\"\u003e\u003ccode\u003e@​Jvr2022\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/praveen-kv\"\u003e\u003ccode\u003e@​praveen-kv\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/decsecre583\"\u003e\u003ccode\u003e@​decsecre583\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/tlsbollei\"\u003e\u003ccode\u003e@​tlsbollei\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/KarimTantawey\"\u003e\u003ccode\u003e@​KarimTantawey\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.9.8...0.9.9\"\u003e0.9.9\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimplement \u003ccode\u003eParentNode.children\u003c/code\u003e getter \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/960\"\u003e\u003ccode\u003e[#960](https://github.com/xmldom/xmldom/issues/960)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/410\"\u003e\u003ccode\u003e[#410](https://github.com/xmldom/xmldom/issues/410)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: \u003ccode\u003ecreateCDATASection\u003c/code\u003e now throws \u003ccode\u003eInvalidCharacterError\u003c/code\u003e when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e, as required by the \u003ca href=\"https://dom.spec.whatwg.org/#dom-document-createcdatasection\"\u003eWHATWG DOM spec\u003c/a\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer\u003c/code\u003e now splits CDATASection nodes whose data contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e into adjacent CDATA sections at serialization time, preventing XML injection via mutation methods (\u003ccode\u003eappendData\u003c/code\u003e, \u003ccode\u003ereplaceData\u003c/code\u003e, \u003ccode\u003e.data =\u003c/code\u003e, \u003ccode\u003e.textContent =\u003c/code\u003e). \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ecorrectly traverse ancestor chain in \u003ccode\u003eNode.contains\u003c/code\u003e \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/931\"\u003e\u003ccode\u003e[#931](https://github.com/xmldom/xmldom/issues/931)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCode that passes a string containing \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e to \u003ccode\u003ecreateCDATASection\u003c/code\u003e and relied on the previously unsafe behavior will now receive \u003ccode\u003eInvalidCharacterError\u003c/code\u003e. Use a mutation method such as \u003ccode\u003eappendData\u003c/code\u003e if you intentionally need \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e in a CDATASection node's data.\u003c/p\u003e\n\u003ch3\u003eChore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdated dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/stevenobiajulu\"\u003e\u003ccode\u003e@​stevenobiajulu\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/yoshi389111\"\u003e\u003ccode\u003e@​yoshi389111\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/thesmartshadow\"\u003e\u003ccode\u003e@​thesmartshadow\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12\"\u003e0.8.12\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epreserve trailing whitespace in ProcessingInstruction data \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/962\"\u003e\u003ccode\u003e[#962](https://github.com/xmldom/xmldom/issues/962)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/42\"\u003e\u003ccode\u003e[#42](https://github.com/xmldom/xmldom/issues/42)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/e5c14802592685bb872c042c54c3f73758875c85\"\u003e\u003ccode\u003ee5c1480\u003c/code\u003e\u003c/a\u003e 0.8.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/9611e20d75f059dc377f806a8f7ee7d1eaeaeb7c\"\u003e\u003ccode\u003e9611e20\u003c/code\u003e\u003c/a\u003e style: drop unused import in test file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/dc4dff3d1d0b5a6b97c52fcc1823a735b8821e62\"\u003e\u003ccode\u003edc4dff3\u003c/code\u003e\u003c/a\u003e docs: add 0.8.13 changelog entry\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/842fa38deedd2d9a9c90d0ad54aa1be75d2a41bc\"\u003e\u003ccode\u003e842fa38\u003c/code\u003e\u003c/a\u003e fix: prevent stack overflow in normalize (GHSA-2v35-w6hq-6mfw)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/aeff69f5a32e8c1bd540683da9e10718f84f595c\"\u003e\u003ccode\u003eaeff69f\u003c/code\u003e\u003c/a\u003e test: add normalize behavioral coverage to node.test.js\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/cbdb0d7db8ae70760bd4cc181cb8f30bb0cd9d88\"\u003e\u003ccode\u003ecbdb0d7\u003c/code\u003e\u003c/a\u003e fix: make walkDOM iterative to prevent stack overflow (GHSA-2v35-w6hq-6mfw)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/0b543d31794dc198c86a0358574cb5dec29674c5\"\u003e\u003ccode\u003e0b543d3\u003c/code\u003e\u003c/a\u003e test: assert namespace declarations are isolated between siblings in serializ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/c007c51909587990c962cf3d5c2acadf4c897b87\"\u003e\u003ccode\u003ec007c51\u003c/code\u003e\u003c/a\u003e refactor: migrate serializeToString to walkDOM\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/2bb3899074820089d9e76ce28a5edfdacf425025\"\u003e\u003ccode\u003e2bb3899\u003c/code\u003e\u003c/a\u003e test: add serializeToString coverage for uncovered branches\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/e69f38d0a58731152d300e8c8eb29506f5f488fe\"\u003e\u003ccode\u003ee69f38d\u003c/code\u003e\u003c/a\u003e refactor: migrate importNode to walkDOM\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.10...0.8.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~karfau\"\u003ekarfau\u003c/a\u003e, a new releaser for \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cookie` from 0.4.2 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOverwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)  c66147c\n\u003cul\u003e\n\u003cli\u003eWhen \u003ccode\u003evalue\u003c/code\u003e was provided in \u003ccode\u003eserialize(key, value, { value })\u003c/code\u003e the value in \u003ccode\u003eoptions\u003c/code\u003e was used instead of the value passed as an argument\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003estringifyCookie\u003c/code\u003e and \u003ccode\u003eparseSetCookie\u003c/code\u003e methods (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/214\"\u003e#214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename existing methods for clarity (old method names remain for backward compatibility)\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eparse\u003c/code\u003e → \u003ccode\u003eparseCookie\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eserialize\u003c/code\u003e → \u003ccode\u003estringifySetCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)  00b0327\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLoosen cookie name/value validation (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: \u003ccode\u003eoptions.priority\u003c/code\u003e used incorrect fallback (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/207\"\u003e#207\u003c/a\u003e) by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd import example to README (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/190\"\u003e#190\u003c/a\u003e) by \u003ca href=\"https://github.com/isnifer\"\u003e\u003ccode\u003e@​isnifer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow case insensitive options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/194\"\u003e#194\u003c/a\u003e)  3bed080\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse modern JS features, ship TypeScript definition (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/175\"\u003e#175\u003c/a\u003e)  1cc64ff\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003e__esModule\u003c/code\u003e marker, imports need to use \u003ccode\u003eimport { parse, serialize }\u003c/code\u003e or \u003ccode\u003eimport * as cookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eMinimum node.js v18\u003c/li\u003e\n\u003cli\u003eUses null prototype object for \u003ccode\u003eparse\u003c/code\u003e return value\u003c/li\u003e\n\u003cli\u003eChanges \u003ccode\u003estrict\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e to match the lower case strings (i.e. \u003ccode\u003elow\u003c/code\u003e, not \u003ccode\u003eLOW\u003c/code\u003e or \u003ccode\u003eLow\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/1b89eec4e33256ac31962f4c0d6e711fff478803\"\u003e\u003ccode\u003e1b89eec\u003c/code\u003e\u003c/a\u003e 1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/c66147c053c74b256287aa7c0a4e63082d786fb2\"\u003e\u003ccode\u003ec66147c\u003c/code\u003e\u003c/a\u003e Overwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/09cec9fd32aa777ddbf51a115c53f30728eccfbc\"\u003e\u003ccode\u003e09cec9f\u003c/code\u003e\u003c/a\u003e 1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/05ebd34fd5a1cdad950f68fc7429cade7dfd6997\"\u003e\u003ccode\u003e05ebd34\u003c/code\u003e\u003c/a\u003e Add tests for parsing top sites (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6214eaf968d60681f3f7fe76797270332c3569c9\"\u003e\u003ccode\u003e6214eaf\u003c/code\u003e\u003c/a\u003e Add benchmark for \u003ccode\u003eparseSetCookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/247\"\u003e#247\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/71798d72650df42288f74e5ab49b65ec44df74fe\"\u003e\u003ccode\u003e71798d7\u003c/code\u003e\u003c/a\u003e Fix skip over of boolean attributes (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e41cf10c88b45893141f2ee2dc98b23bdb57f24\"\u003e\u003ccode\u003e9e41cf1\u003c/code\u003e\u003c/a\u003e build(deps): bump the npm_and_yarn group across 1 directory with 4 updates (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6fea50679a97f65b5d6e3d291b2dad5816fcfddc\"\u003e\u003ccode\u003e6fea506\u003c/code\u003e\u003c/a\u003e Add parse method for \u003ccode\u003eset-cookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/00b032721c4dc9aeb7d3814ce790eadb4ebde59b\"\u003e\u003ccode\u003e00b0327\u003c/code\u003e\u003c/a\u003e Add side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/94586de038f16960cd5eb91ee499313734b02ab7\"\u003e\u003ccode\u003e94586de\u003c/code\u003e\u003c/a\u003e feat: remove dependabot from repo (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/242\"\u003e#242\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.4.2...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.2.9 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.2.9...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.23 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/zehguilherme/studio-amanda-borges/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/zehguilherme/studio-amanda-borges/pull/557","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/zehguilherme%2Fstudio-amanda-borges/issues/557","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/557/packages"},{"uuid":"4498475478","node_id":"PR_kwDOFUNh887eIo0n","number":21,"state":"closed","title":"deps(deps): bump cookie and next","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-21T23:42:30.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-21T23:05:53.000Z","updated_at":"2026-05-21T23:42:32.000Z","time_to_close":2197,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(deps)","packages":[{"name":"cookie","repository_url":"https://github.com/jshttp/cookie","old_version":null,"new_version":null,"is_removal":true},{"name":"next","repository_url":"https://github.com/vercel/next.js","old_version":"9.3.3","new_version":"16.2.6"}],"path":null,"ecosystem":"npm"},"body":"Removes [cookie](https://github.com/jshttp/cookie). It's no longer used after updating ancestor dependency [next](https://github.com/vercel/next.js). These dependencies need to be updated together.\n\nRemoves `cookie`\n\nUpdates `next` from 9.3.3 to 16.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev16.2.6\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - \u003cstrong\u003eIncomplete Fix Follow-Up\u003c/strong\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModerate:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eLow:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: preserve HTTP access fallbacks during prerender recovery (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92231\"\u003e#92231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fallback route params case in app-page handler (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91737\"\u003e#91737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix invalid HTML response for route-level RSC requests in deployment adapter (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91541\"\u003e#91541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePatch setHeader for direct route handlers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93101\"\u003e#93101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInclude deployment id in \u003ccode\u003ecacheHandlers\u003c/code\u003e keys (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93453\"\u003e#93453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix double-encoding of URL pathname parts in client param parsing (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93491\"\u003e#93491\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev16.2.5\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ee6e79b1792a4d401ddf2480f40a83549fe8e722\"\u003e\u003ccode\u003eee6e79b\u003c/code\u003e\u003c/a\u003e v16.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/afa053d9eb9c2a68c7eba43e84fe6bed8babcd45\"\u003e\u003ccode\u003eafa053d\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/97a154e5bbee0cb1ac3fb8aa4db66ac36e796e3d\"\u003e\u003ccode\u003e97a154e\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/83899bc89103d4df1479e065c7c1e09d4698a7b6\"\u003e\u003ccode\u003e83899bc\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7b222b90954d607fc28a34e9b360a9b1636bc206\"\u003e\u003ccode\u003e7b222b9\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93595\"\u003e#93595\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/a8dc24f1fe23d4a22d24fac734837f7c824138f7\"\u003e\u003ccode\u003ea8dc24f\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93587\"\u003e#93587\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/766148f9cd48c0e218acafcd0f15defc14871bf4\"\u003e\u003ccode\u003e766148f\u003c/code\u003e\u003c/a\u003e v16.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/0dd94836a8b43209fcfefa448c141683c22c1a27\"\u003e\u003ccode\u003e0dd9483\u003c/code\u003e\u003c/a\u003e fix: add explicit checks for RSC header (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/83\"\u003e#83\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d166096c399c4fc4e09cd2d1bf26dca6579a855d\"\u003e\u003ccode\u003ed166096\u003c/code\u003e\u003c/a\u003e fix proxy matching for segment prefetch URLs (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/89\"\u003e#89\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9d50c0b7190f59c470308578e12882788819f14c\"\u003e\u003ccode\u003e9d50c0b\u003c/code\u003e\u003c/a\u003e Strip next-resume header from incoming requests (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92\"\u003e#92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v9.3.3...v16.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/lukasz-karolewski/wireguard-manager/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/lukasz-karolewski/wireguard-manager/pull/21","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/lukasz-karolewski%2Fwireguard-manager/issues/21","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/21/packages"},{"uuid":"4482068411","node_id":"PR_kwDOSVDIUM7dTh0j","number":4,"state":"open","title":"build(deps): bump the production-dependencies group across 1 directory with 58 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-20T00:18:47.000Z","updated_at":"2026-05-20T00:21:20.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"production-dependencies","update_count":58,"packages":[{"name":"@anthropic-ai/sdk","old_version":"0.71.0","new_version":"0.97.1","repository_url":"https://github.com/anthropics/anthropic-sdk-typescript"},{"name":"@supabase/supabase-js","old_version":"2.86.0","new_version":"2.106.0","repository_url":"https://github.com/supabase/supabase-js"},{"name":"next","old_version":"16.1.1","new_version":"16.2.6","repository_url":"https://github.com/vercel/next.js"},{"name":"openai","old_version":"6.9.0","new_version":"6.38.0","repository_url":"https://github.com/openai/openai-node"},{"name":"tailwind-merge","old_version":"3.4.0","new_version":"3.6.0","repository_url":"https://github.com/dcastil/tailwind-merge"},{"name":"@ai-sdk/react","old_version":"2.0.93","new_version":"3.0.187","repository_url":"https://github.com/vercel/ai"},{"name":"@aws-sdk/client-s3","old_version":"3.437.0","new_version":"3.1050.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@fumadocs/content-collections","old_version":"1.2.4","new_version":"1.2.9","repository_url":"https://github.com/fuma-nama/fumadocs"},{"name":"@next/third-parties","old_version":"16.0.3","new_version":"16.2.6","repository_url":"https://github.com/vercel/next.js"},{"name":"@orpc/client","old_version":"1.11.2","new_version":"1.14.3","repository_url":"https://github.com/middleapi/orpc"},{"name":"@orpc/tanstack-query","old_version":"1.11.2","new_version":"1.14.3","repository_url":"https://github.com/middleapi/orpc"},{"name":"@prisma/nextjs-monorepo-workaround-plugin","old_version":"6.19.0","new_version":"7.8.0","repository_url":"https://github.com/prisma/prisma"},{"name":"@tanstack/react-query","old_version":"5.90.9","new_version":"5.100.11","repository_url":"https://github.com/TanStack/query"},{"name":"ai","old_version":"5.0.93","new_version":"6.0.185","repository_url":"https://github.com/vercel/ai"},{"name":"better-auth","old_version":"1.3.34","new_version":"1.6.11","repository_url":"https://github.com/better-auth/better-auth"},{"name":"date-fns","old_version":"4.1.0","new_version":"4.2.1","repository_url":"https://github.com/date-fns/date-fns"},{"name":"es-toolkit","old_version":"1.41.0","new_version":"1.46.1","repository_url":"https://github.com/toss/es-toolkit"},{"name":"fumadocs-core","old_version":"16.0.11","new_version":"16.8.12","repository_url":"https://github.com/fuma-nama/fumadocs"},{"name":"fumadocs-ui","old_version":"16.0.11","new_version":"16.8.12","repository_url":"https://github.com/fuma-nama/fumadocs"},{"name":"hono","old_version":"4.10.5","new_version":"4.12.21","repository_url":"https://github.com/honojs/hono"},{"name":"js-cookie","old_version":"3.0.5","new_version":"3.0.7","repository_url":"https://github.com/js-cookie/js-cookie"},{"name":"lucide-react","old_version":"0.553.0","new_version":"1.16.0","repository_url":"https://github.com/lucide-icons/lucide"},{"name":"next-intl","old_version":"4.5.3","new_version":"4.12.0","repository_url":"https://github.com/amannn/next-intl"},{"name":"nuqs","old_version":"2.7.3","new_version":"2.8.9","repository_url":"https://github.com/47ng/nuqs"},{"name":"pg","old_version":"8.16.3","new_version":"8.21.0","repository_url":"https://github.com/brianc/node-postgres"},{"name":"prettier","old_version":"3.6.2","new_version":"3.8.3","repository_url":"https://github.com/prettier/prettier"},{"name":"react","old_version":"19.2.0","new_version":"19.2.6","repository_url":"https://github.com/facebook/react"},{"name":"react-dom","old_version":"19.2.0","new_version":"19.2.6","repository_url":"https://github.com/facebook/react"},{"name":"react-dropzone","old_version":"14.3.8","new_version":"15.0.0","repository_url":"https://github.com/react-dropzone/react-dropzone"},{"name":"react-hook-form","old_version":"7.66.0","new_version":"7.76.0","repository_url":"https://github.com/react-hook-form/react-hook-form"},{"name":"react-qr-code","old_version":"2.0.18","new_version":"2.0.21","repository_url":"https://github.com/rosskhanas/react-qr-code"},{"name":"resend","old_version":"6.4.2","new_version":"6.12.3","repository_url":"https://github.com/resend/resend-node"},{"name":"slugify","old_version":"1.6.6","new_version":"1.6.9","repository_url":"https://github.com/simov/slugify"},{"name":"stripe","old_version":"19.3.1","new_version":"22.1.1","repository_url":"https://github.com/stripe/stripe-node"},{"name":"ufo","old_version":"1.6.1","new_version":"1.6.4","repository_url":"https://github.com/unjs/ufo"},{"name":"uuid","old_version":"13.0.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"zod","old_version":"4.1.12","new_version":"4.4.3","repository_url":"https://github.com/colinhacks/zod"},{"name":"@ai-sdk/anthropic","old_version":"2.0.44","new_version":"3.0.78","repository_url":"https://github.com/vercel/ai"},{"name":"@ai-sdk/openai","old_version":"2.0.65","new_version":"3.0.64","repository_url":"https://github.com/vercel/ai"},{"name":"@orpc/json-schema","old_version":"1.11.2","new_version":"1.14.3","repository_url":"https://github.com/middleapi/orpc"},{"name":"@orpc/openapi","old_version":"1.11.2","new_version":"1.14.3","repository_url":"https://github.com/middleapi/orpc"},{"name":"@orpc/server","old_version":"1.11.2","new_version":"1.14.3","repository_url":"https://github.com/middleapi/orpc"},{"name":"@orpc/zod","old_version":"1.11.2","new_version":"1.14.3","repository_url":"https://github.com/middleapi/orpc"},{"name":"@scalar/hono-api-reference","old_version":"0.9.24","new_version":"0.10.16","repository_url":"https://github.com/scalar/scalar"},{"name":"cookie","old_version":"1.0.2","new_version":"1.1.1","repository_url":"https://github.com/jshttp/cookie"},{"name":"nanoid","old_version":"5.1.6","new_version":"5.1.11","repository_url":"https://github.com/ai/nanoid"},{"name":"use-intl","old_version":"4.5.3","new_version":"4.12.0","repository_url":"https://github.com/amannn/next-intl"},{"name":"@paralleldrive/cuid2","old_version":"3.1.0","new_version":"3.3.0","repository_url":"https://github.com/ericelliott/cuid2"},{"name":"@prisma/adapter-pg","old_version":"6.19.0","new_version":"7.8.0","repository_url":"https://github.com/prisma/prisma"},{"name":"@prisma/client","old_version":"6.19.0","new_version":"7.8.0","repository_url":"https://github.com/prisma/prisma"},{"name":"drizzle-orm","old_version":"0.44.7","new_version":"0.45.2","repository_url":"https://github.com/drizzle-team/drizzle-orm"},{"name":"@react-email/components","old_version":"1.0.1","new_version":"1.0.12","repository_url":"https://github.com/resend/react-email"},{"name":"@react-email/render","old_version":"2.0.0","new_version":"2.0.8","repository_url":"https://github.com/resend/react-email"},{"name":"nodemailer","old_version":"7.0.10","new_version":"8.0.7","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"react-email","old_version":"5.0.4","new_version":"6.1.5","repository_url":"https://github.com/resend/react-email"},{"name":"@polar-sh/sdk","old_version":"0.41.4","new_version":"0.47.1","repository_url":"https://github.com/polarsource/polar-js"},{"name":"dodopayments","old_version":"2.5.0","new_version":"2.31.2","repository_url":"https://github.com/dodopayments/dodopayments-typescript"},{"name":"@aws-sdk/s3-request-presigner","old_version":"3.437.0","new_version":"3.1050.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"}],"path":null,"ecosystem":"npm"},"body":"Bumps the production-dependencies group with 58 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@anthropic-ai/sdk](https://github.com/anthropics/anthropic-sdk-typescript) | `0.71.0` | `0.97.1` |\n| [@supabase/supabase-js](https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js) | `2.86.0` | `2.106.0` |\n| [next](https://github.com/vercel/next.js) | `16.1.1` | `16.2.6` |\n| [openai](https://github.com/openai/openai-node) | `6.9.0` | `6.38.0` |\n| [tailwind-merge](https://github.com/dcastil/tailwind-merge) | `3.4.0` | `3.6.0` |\n| [@ai-sdk/react](https://github.com/vercel/ai/tree/HEAD/packages/react) | `2.0.93` | `3.0.187` |\n| [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.437.0` | `3.1050.0` |\n| [@fumadocs/content-collections](https://github.com/fuma-nama/fumadocs) | `1.2.4` | `1.2.9` |\n| [@next/third-parties](https://github.com/vercel/next.js/tree/HEAD/packages/third-parties) | `16.0.3` | `16.2.6` |\n| [@orpc/client](https://github.com/middleapi/orpc/tree/HEAD/packages/client) | `1.11.2` | `1.14.3` |\n| [@orpc/tanstack-query](https://github.com/middleapi/orpc/tree/HEAD/packages/tanstack-query) | `1.11.2` | `1.14.3` |\n| [@prisma/nextjs-monorepo-workaround-plugin](https://github.com/prisma/prisma/tree/HEAD/packages/nextjs-monorepo-workaround-plugin) | `6.19.0` | `7.8.0` |\n| [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) | `5.90.9` | `5.100.11` |\n| [ai](https://github.com/vercel/ai/tree/HEAD/packages/ai) | `5.0.93` | `6.0.185` |\n| [better-auth](https://github.com/better-auth/better-auth/tree/HEAD/packages/better-auth) | `1.3.34` | `1.6.11` |\n| [date-fns](https://github.com/date-fns/date-fns) | `4.1.0` | `4.2.1` |\n| [es-toolkit](https://github.com/toss/es-toolkit) | `1.41.0` | `1.46.1` |\n| [fumadocs-core](https://github.com/fuma-nama/fumadocs) | `16.0.11` | `16.8.12` |\n| [fumadocs-ui](https://github.com/fuma-nama/fumadocs) | `16.0.11` | `16.8.12` |\n| [hono](https://github.com/honojs/hono) | `4.10.5` | `4.12.21` |\n| [js-cookie](https://github.com/js-cookie/js-cookie) | `3.0.5` | `3.0.7` |\n| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `0.553.0` | `1.16.0` |\n| [next-intl](https://github.com/amannn/next-intl) | `4.5.3` | `4.12.0` |\n| [nuqs](https://github.com/47ng/nuqs/tree/HEAD/packages/nuqs) | `2.7.3` | `2.8.9` |\n| [pg](https://github.com/brianc/node-postgres/tree/HEAD/packages/pg) | `8.16.3` | `8.21.0` |\n| [prettier](https://github.com/prettier/prettier) | `3.6.2` | `3.8.3` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.0` | `19.2.6` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.0` | `19.2.6` |\n| [react-dropzone](https://github.com/react-dropzone/react-dropzone) | `14.3.8` | `15.0.0` |\n| [react-hook-form](https://github.com/react-hook-form/react-hook-form) | `7.66.0` | `7.76.0` |\n| [react-qr-code](https://github.com/rosskhanas/react-qr-code) | `2.0.18` | `2.0.21` |\n| [resend](https://github.com/resend/resend-node) | `6.4.2` | `6.12.3` |\n| [slugify](https://github.com/simov/slugify) | `1.6.6` | `1.6.9` |\n| [stripe](https://github.com/stripe/stripe-node) | `19.3.1` | `22.1.1` |\n| [ufo](https://github.com/unjs/ufo) | `1.6.1` | `1.6.4` |\n| [uuid](https://github.com/uuidjs/uuid) | `13.0.0` | `14.0.0` |\n| [zod](https://github.com/colinhacks/zod) | `4.1.12` | `4.4.3` |\n| [@ai-sdk/anthropic](https://github.com/vercel/ai/tree/HEAD/packages/anthropic) | `2.0.44` | `3.0.78` |\n| [@ai-sdk/openai](https://github.com/vercel/ai/tree/HEAD/packages/openai) | `2.0.65` | `3.0.64` |\n| [@orpc/json-schema](https://github.com/middleapi/orpc/tree/HEAD/packages/json-schema) | `1.11.2` | `1.14.3` |\n| [@orpc/openapi](https://github.com/middleapi/orpc/tree/HEAD/packages/openapi) | `1.11.2` | `1.14.3` |\n| [@orpc/server](https://github.com/middleapi/orpc/tree/HEAD/packages/server) | `1.11.2` | `1.14.3` |\n| [@orpc/zod](https://github.com/middleapi/orpc/tree/HEAD/packages/zod) | `1.11.2` | `1.14.3` |\n| [@scalar/hono-api-reference](https://github.com/scalar/scalar/tree/HEAD/integrations/hono) | `0.9.24` | `0.10.16` |\n| [cookie](https://github.com/jshttp/cookie) | `1.0.2` | `1.1.1` |\n| [nanoid](https://github.com/ai/nanoid) | `5.1.6` | `5.1.11` |\n| [use-intl](https://github.com/amannn/next-intl) | `4.5.3` | `4.12.0` |\n| [@paralleldrive/cuid2](https://github.com/ericelliott/cuid2) | `3.1.0` | `3.3.0` |\n| [@prisma/adapter-pg](https://github.com/prisma/prisma/tree/HEAD/packages/adapter-pg) | `6.19.0` | `7.8.0` |\n| [@prisma/client](https://github.com/prisma/prisma/tree/HEAD/packages/client) | `6.19.0` | `7.8.0` |\n| [drizzle-orm](https://github.com/drizzle-team/drizzle-orm) | `0.44.7` | `0.45.2` |\n| [@react-email/components](https://github.com/resend/react-email/tree/HEAD/packages/components) | `1.0.1` | `1.0.12` |\n| [@react-email/render](https://github.com/resend/react-email/tree/HEAD/packages/render) | `2.0.0` | `2.0.8` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `7.0.10` | `8.0.7` |\n| [react-email](https://github.com/resend/react-email/tree/HEAD/packages/react-email) | `5.0.4` | `6.1.5` |\n| [@polar-sh/sdk](https://github.com/polarsource/polar-js) | `0.41.4` | `0.47.1` |\n| [dodopayments](https://github.com/dodopayments/dodopayments-typescript) | `2.5.0` | `2.31.2` |\n| [@aws-sdk/s3-request-presigner](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/s3-request-presigner) | `3.437.0` | `3.1050.0` |\n\n\nUpdates `@anthropic-ai/sdk` from 0.71.0 to 0.97.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/releases\"\u003e@​anthropic-ai/sdk's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esdk: v0.97.1\u003c/h2\u003e\n\u003ch2\u003e0.97.1 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.97.0...sdk-v0.97.1\"\u003esdk-v0.97.0...sdk-v0.97.1\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner:\u003c/strong\u003e skip tool calls SessionToolRunner does not own (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/9987379abeaf28b17edb5518ac229d2a6caa4bf6\"\u003e9987379\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esdk: v0.97.0\u003c/h2\u003e\n\u003ch2\u003e0.97.0 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.96.0...sdk-v0.97.0\"\u003esdk-v0.96.0...sdk-v0.97.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e Add support for self-hosted sandboxes in CMA with sandbox helpers (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/659a343c820e316229715466b64e420428ee762b\"\u003e659a343\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypescript:\u003c/strong\u003e upgrade tsc-multi so that it works with Node 26 (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/623f71c848ce9b3b88eb08e009b6b3d08a6e5c1c\"\u003e623f71c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etests:\u003c/strong\u003e remove redundant File import (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/cf821fcc06f84cb2150cc0ed4ddb862b5d67f633\"\u003ecf821fc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esdk: v0.96.0\u003c/h2\u003e\n\u003ch2\u003e0.96.0 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.95.2...sdk-v0.96.0\"\u003esdk-v0.95.2...sdk-v0.96.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add BetaManagedAgentsSearchResultBlock types (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/08f02f3d0c34a9563b17af40b227acf3b105f8a3\"\u003e08f02f3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add support for cache diagnostics beta (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/eafbd6d78b81253c79cb861de6a9232b18eb60de\"\u003eeafbd6d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ezod:\u003c/strong\u003e ensure only zod/v4 types are used (\u003ca href=\"https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/992\"\u003e#992\u003c/a\u003e) (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/9e08bcc988697c195b31569b7519b7954aea6372\"\u003e9e08bcc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e spec updates (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/27d64ef828dc4ec11d44118a7ed1fcf83d67da0d\"\u003e27d64ef\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esdk: v0.95.2\u003c/h2\u003e\n\u003ch2\u003e0.95.2 (2026-05-11)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/blob/main/CHANGELOG.md\"\u003e@​anthropic-ai/sdk's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.97.1 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.97.0...sdk-v0.97.1\"\u003esdk-v0.97.0...sdk-v0.97.1\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner:\u003c/strong\u003e skip tool calls SessionToolRunner does not own (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/9987379abeaf28b17edb5518ac229d2a6caa4bf6\"\u003e9987379\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.97.0 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.96.0...sdk-v0.97.0\"\u003esdk-v0.96.0...sdk-v0.97.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e Add support for self-hosted sandboxes in CMA with sandbox helpers (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/659a343c820e316229715466b64e420428ee762b\"\u003e659a343\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypescript:\u003c/strong\u003e upgrade tsc-multi so that it works with Node 26 (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/623f71c848ce9b3b88eb08e009b6b3d08a6e5c1c\"\u003e623f71c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etests:\u003c/strong\u003e remove redundant File import (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/cf821fcc06f84cb2150cc0ed4ddb862b5d67f633\"\u003ecf821fc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.96.0 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.95.2...sdk-v0.96.0\"\u003esdk-v0.95.2...sdk-v0.96.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add BetaManagedAgentsSearchResultBlock types (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/08f02f3d0c34a9563b17af40b227acf3b105f8a3\"\u003e08f02f3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add support for cache diagnostics beta (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/eafbd6d78b81253c79cb861de6a9232b18eb60de\"\u003eeafbd6d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ezod:\u003c/strong\u003e ensure only zod/v4 types are used (\u003ca href=\"https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/992\"\u003e#992\u003c/a\u003e) (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/9e08bcc988697c195b31569b7519b7954aea6372\"\u003e9e08bcc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e spec updates (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/27d64ef828dc4ec11d44118a7ed1fcf83d67da0d\"\u003e27d64ef\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.95.2 (2026-05-11)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.95.1...sdk-v0.95.2\"\u003esdk-v0.95.1...sdk-v0.95.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.95.1 (2026-05-07)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/ac9ece3c566b4488dcf73849c17b656ec2d7d17d\"\u003e\u003ccode\u003eac9ece3\u003c/code\u003e\u003c/a\u003e chore: release main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/1987147935325ea6b1e0f96cea6851c9d407e6c2\"\u003e\u003ccode\u003e1987147\u003c/code\u003e\u003c/a\u003e fix(runner): skip tool calls SessionToolRunner does not own\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/409ff0e5027422a5ede84280cb851c1de108c246\"\u003e\u003ccode\u003e409ff0e\u003c/code\u003e\u003c/a\u003e chore: release main (\u003ca href=\"https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/1052\"\u003e#1052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/a53f60d59ca904f3e79296586642aac3ce68ae02\"\u003e\u003ccode\u003ea53f60d\u003c/code\u003e\u003c/a\u003e chore: release main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/d1b8d04617c5167f1296520b4c9b1156d0482159\"\u003e\u003ccode\u003ed1b8d04\u003c/code\u003e\u003c/a\u003e feat(api): Add support for cache diagnostics beta\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/8e43bf81bc7029411e5a3b81b485d8dda364b376\"\u003e\u003ccode\u003e8e43bf8\u003c/code\u003e\u003c/a\u003e chore(api): spec updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/697e4d592bb3a1258788bd3064ac4dc35671e896\"\u003e\u003ccode\u003e697e4d5\u003c/code\u003e\u003c/a\u003e codegen metadata\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/cd5801cbf6cc4db5f6eee155643294feda0ba588\"\u003e\u003ccode\u003ecd5801c\u003c/code\u003e\u003c/a\u003e feat(api): Add BetaManagedAgentsSearchResultBlock types\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/dce6bc7d0d8c38cbdfe6414587eb0e2e82dfd6f0\"\u003e\u003ccode\u003edce6bc7\u003c/code\u003e\u003c/a\u003e ci: pin GitHub Actions to commit SHAs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/4eee5232602bc3f1f91d8676267b1bd821e16e7f\"\u003e\u003ccode\u003e4eee523\u003c/code\u003e\u003c/a\u003e fix(zod): ensure only zod/v4 types are used (\u003ca href=\"https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/992\"\u003e#992\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.71.0...sdk-v0.97.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@supabase/supabase-js` from 2.86.0 to 2.106.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/supabase/supabase-js/releases\"\u003e@​supabase/supabase-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.106.0\u003c/h2\u003e\n\u003ch2\u003e2.106.0 (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esupabase:\u003c/strong\u003e W3C/OpenTelemetry trace context propagation (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2163\"\u003e#2163\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eauth:\u003c/strong\u003e return null user and session for email_change single-confirmation verifyOtp (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2378\"\u003e#2378\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003erelease:\u003c/strong\u003e mark \u003ccode\u003e@​supabase/tracing\u003c/code\u003e private and snapshot it for JSR (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2370\"\u003e#2370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003estorage:\u003c/strong\u003e make StreamDownloadBuilder implement Promise and memoize executor (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2367\"\u003e#2367\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eClaude Sonnet 4.5\u003c/li\u003e\n\u003cli\u003eGuilherme Souza\u003c/li\u003e\n\u003cli\u003eKaterina Skroumpelou \u003ca href=\"https://github.com/mandarini\"\u003e\u003ccode\u003e@​mandarini\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eoniani1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.106.0-canary.4\u003c/h2\u003e\n\u003ch2\u003e2.106.0-canary.4 (2026-05-15)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only, there were no code changes.\u003c/p\u003e\n\u003ch2\u003ev2.106.0-canary.3\u003c/h2\u003e\n\u003ch2\u003e2.106.0-canary.3 (2026-05-15)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only, there were no code changes.\u003c/p\u003e\n\u003ch2\u003ev2.106.0-canary.2\u003c/h2\u003e\n\u003ch2\u003e2.106.0-canary.2 (2026-05-14)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only, there were no code changes.\u003c/p\u003e\n\u003ch2\u003ev2.106.0-canary.1\u003c/h2\u003e\n\u003ch2\u003e2.106.0-canary.1 (2026-05-13)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erelease:\u003c/strong\u003e mark \u003ccode\u003e@​supabase/tracing\u003c/code\u003e private and snapshot it for JSR (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2370\"\u003e#2370\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKaterina Skroumpelou \u003ca href=\"https://github.com/mandarini\"\u003e\u003ccode\u003e@​mandarini\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.106.0-canary.0\u003c/h2\u003e\n\u003ch2\u003e2.106.0-canary.0 (2026-05-13)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/supabase/supabase-js/blob/master/packages/core/supabase-js/CHANGELOG.md\"\u003e@​supabase/supabase-js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.106.0 (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esupabase:\u003c/strong\u003e W3C/OpenTelemetry trace context propagation (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2163\"\u003e#2163\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erelease:\u003c/strong\u003e mark \u003ccode\u003e@​supabase/tracing\u003c/code\u003e private and snapshot it for JSR (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2370\"\u003e#2370\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eClaude Sonnet 4.5\u003c/li\u003e\n\u003cli\u003eGuilherme Souza\u003c/li\u003e\n\u003cli\u003eKaterina Skroumpelou \u003ca href=\"https://github.com/mandarini\"\u003e\u003ccode\u003e@​mandarini\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.105.4 (2026-05-08)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for \u003ccode\u003e@​supabase/supabase-js\u003c/code\u003e to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003ch2\u003e2.105.2 (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eauth:\u003c/strong\u003e forward lockAcquireTimeout to SupabaseAuthClient (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2309\"\u003e#2309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisc:\u003c/strong\u003e widen enum-like unions with (string \u0026amp; {}) for forward compat (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2303\"\u003e#2303\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMuzzaiyyan Hussain \u003ca href=\"https://github.com/MuzzaiyyanHussain\"\u003e\u003ccode\u003e@​MuzzaiyyanHussain\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.105.1 (2026-04-28)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for \u003ccode\u003e@​supabase/supabase-js\u003c/code\u003e to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003ch2\u003e2.105.0 (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eauth:\u003c/strong\u003e add passkey support with WebAuthn registration, authentication, and management (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2283\"\u003e#2283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003erealtime:\u003c/strong\u003e Realtime deferred disconnect (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2282\"\u003e#2282\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.104.1 (2026-04-23)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esupabase:\u003c/strong\u003e propagate custom fetch to realtime client (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2267\"\u003e#2267\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/1c48755657c5f7aac5e4a7abf3f68f27efc0c746\"\u003e\u003ccode\u003e1c48755\u003c/code\u003e\u003c/a\u003e chore(deps): cleanups and updates (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2371\"\u003e#2371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/9dfba1c3d98c2c41c60f940a211950dfd3924e01\"\u003e\u003ccode\u003e9dfba1c\u003c/code\u003e\u003c/a\u003e chore(repo): migrate to pnpm (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2368\"\u003e#2368\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/6731c4a900135ecbb14420bb3f3fe39196a0a9db\"\u003e\u003ccode\u003e6731c4a\u003c/code\u003e\u003c/a\u003e fix(release): mark \u003ccode\u003e@​supabase/tracing\u003c/code\u003e private and snapshot it for JSR (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2370\"\u003e#2370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/2fe1801fd5e9e03dd22308bcb98854429f634dd4\"\u003e\u003ccode\u003e2fe1801\u003c/code\u003e\u003c/a\u003e feat(supabase): W3C/OpenTelemetry trace context propagation (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2163\"\u003e#2163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/fae67728092fad24bd2b926f0fe57ef3e3554fc1\"\u003e\u003ccode\u003efae6772\u003c/code\u003e\u003c/a\u003e chore(repo): update to nx 22 (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2353\"\u003e#2353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/c6f7a386867d07ae45e5846543ded70e485c6ea1\"\u003e\u003ccode\u003ec6f7a38\u003c/code\u003e\u003c/a\u003e chore(release): version 2.105.4 changelogs (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2342\"\u003e#2342\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/db53b0fd15f413e75220104c180ae0539b2aa556\"\u003e\u003ccode\u003edb53b0f\u003c/code\u003e\u003c/a\u003e chore(release): version 2.105.2 changelogs (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2323\"\u003e#2323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/5223888e85bf3f8f176bd2321e735aac1f31f44a\"\u003e\u003ccode\u003e5223888\u003c/code\u003e\u003c/a\u003e [patchback] docs(repo): \u003ca href=\"https://github.com/category\"\u003e\u003ccode\u003e@​category\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/subcategory\"\u003e\u003ccode\u003e@​subcategory\u003c/code\u003e\u003c/a\u003e tags across all packages (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/0412d0db46ac482a39694cfd932a68d0d95064a3\"\u003e\u003ccode\u003e0412d0d\u003c/code\u003e\u003c/a\u003e fix(auth): forward lockAcquireTimeout to SupabaseAuthClient (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2309\"\u003e#2309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/42c9cbbcba16b4b4b916c870e9bcd8a64ad71141\"\u003e\u003ccode\u003e42c9cbb\u003c/code\u003e\u003c/a\u003e [patchback] fix(misc): widen enum-like unions with (string \u0026amp; {}) for forward ...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/supabase/supabase-js/commits/v2.106.0/packages/core/supabase-js\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 16.1.1 to 16.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev16.2.6\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - \u003cstrong\u003eIncomplete Fix Follow-Up\u003c/strong\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModerate:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eLow:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: preserve HTTP access fallbacks during prerender recovery (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92231\"\u003e#92231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fallback route params case in app-page handler (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91737\"\u003e#91737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix invalid HTML response for route-level RSC requests in deployment adapter (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91541\"\u003e#91541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePatch setHeader for direct route handlers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93101\"\u003e#93101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInclude deployment id in \u003ccode\u003ecacheHandlers\u003c/code\u003e keys (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93453\"\u003e#93453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix double-encoding of URL pathname parts in client param parsing (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93491\"\u003e#93491\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev16.2.5\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ee6e79b1792a4d401ddf2480f40a83549fe8e722\"\u003e\u003ccode\u003eee6e79b\u003c/code\u003e\u003c/a\u003e v16.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/afa053d9eb9c2a68c7eba43e84fe6bed8babcd45\"\u003e\u003ccode\u003eafa053d\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/97a154e5bbee0cb1ac3fb8aa4db66ac36e796e3d\"\u003e\u003ccode\u003e97a154e\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/83899bc89103d4df1479e065c7c1e09d4698a7b6\"\u003e\u003ccode\u003e83899bc\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7b222b90954d607fc28a34e9b360a9b1636bc206\"\u003e\u003ccode\u003e7b222b9\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93595\"\u003e#93595\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/a8dc24f1fe23d4a22d24fac734837f7c824138f7\"\u003e\u003ccode\u003ea8dc24f\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93587\"\u003e#93587\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/766148f9cd48c0e218acafcd0f15defc14871bf4\"\u003e\u003ccode\u003e766148f\u003c/code\u003e\u003c/a\u003e v16.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/0dd94836a8b43209fcfefa448c141683c22c1a27\"\u003e\u003ccode\u003e0dd9483\u003c/code\u003e\u003c/a\u003e fix: add explicit checks for RSC header (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/83\"\u003e#83\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d166096c399c4fc4e09cd2d1bf26dca6579a855d\"\u003e\u003ccode\u003ed166096\u003c/code\u003e\u003c/a\u003e fix proxy matching for segment prefetch URLs (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/89\"\u003e#89\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9d50c0b7190f59c470308578e12882788819f14c\"\u003e\u003ccode\u003e9d50c0b\u003c/code\u003e\u003c/a\u003e Strip next-resume header from incoming requests (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92\"\u003e#92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v16.1.1...v16.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `openai` from 6.9.0 to 6.38.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/openai/openai-node/releases\"\u003eopenai's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.38.0\u003c/h2\u003e\n\u003ch2\u003e6.38.0 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/openai/openai-node/compare/v6.37.0...v6.38.0\"\u003ev6.37.0...v6.38.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e add service_tier parameter to responses compact method (\u003ca href=\"https://github.com/openai/openai-node/commit/423e838c498bd1b77f3b732cfc43c54fc5d261df\"\u003e423e838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.37.0\u003c/h2\u003e\n\u003ch2\u003e6.37.0 (2026-05-07)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/openai/openai-node/compare/v6.36.0...v6.37.0\"\u003ev6.36.0...v6.37.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e add quantity field to admin organization usage responses (\u003ca href=\"https://github.com/openai/openai-node/commit/273a8f73e65839fb4d2ebc2a54ccc38383bd7517\"\u003e273a8f7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e add web_search_call.results output option to responses (\u003ca href=\"https://github.com/openai/openai-node/commit/91c75e064f12946d3774cb182e5cd795000019ce\"\u003e91c75e0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e launch realtime translate + update image 2 (\u003ca href=\"https://github.com/openai/openai-node/commit/a296b661f0598ed001309d7deb693caa1596875c\"\u003ea296b66\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e manual updates (\u003ca href=\"https://github.com/openai/openai-node/commit/794b90513f5ca63bd95c6cf774722fa6aeae293d\"\u003e794b905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e manual updates (\u003ca href=\"https://github.com/openai/openai-node/commit/69637293939580a9d20bd9274d86f23a012ffd87\"\u003e6963729\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e realtime 2 (\u003ca href=\"https://github.com/openai/openai-node/commit/f4b717702182adfc684270c0e7d5ff11d6c7a408\"\u003ef4b7177\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e fix imagegen \u003ccode\u003esize\u003c/code\u003e enum regression (\u003ca href=\"https://github.com/openai/openai-node/commit/4fe8469a7c1f892d586df375a449f6bd0e318b15\"\u003e4fe8469\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eredact api-key headers in debug logs (\u003ca href=\"https://github.com/openai/openai-node/commit/99c9c800e179c13659b96386dedd6c17dd6ffb8d\"\u003e99c9c80\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.36.0\u003c/h2\u003e\n\u003ch2\u003e6.36.0 (2026-05-01)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/openai/openai-node/compare/v6.35.0...v6.36.0\"\u003ev6.35.0...v6.36.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e add group_type/user metadata fields, update types across admin resources (\u003ca href=\"https://github.com/openai/openai-node/commit/cc52f9755e3ce3b29ea2266482521c8d83ab88ad\"\u003ecc52f97\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e add support for Admin API Keys per endpoint (\u003ca href=\"https://github.com/openai/openai-node/commit/770d187be1d6c0419002a9b01e7dec6a99761f94\"\u003e770d187\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e admin API updates (\u003ca href=\"https://github.com/openai/openai-node/commit/ee2bd2d8e66a5b90f80e6ca8ab4544385d9a5de3\"\u003eee2bd2d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e manual updates (\u003ca href=\"https://github.com/openai/openai-node/commit/6af2b6dfd86e4d7e7a2cb5afb1275217fcd5d242\"\u003e6af2b6d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e manual updates (\u003ca href=\"https://github.com/openai/openai-node/commit/f2dceda58fce6e44e740b56b9337597275d25e5b\"\u003ef2dceda\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e support admin api key auth (\u003ca href=\"https://github.com/openai/openai-node/commit/e3862a3d415ba3cedb178718e2c9bc0c2d09e01e\"\u003ee3862a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/openai/openai-node/blob/master/CHANGELOG.md\"\u003eopenai's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.38.0 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/openai/openai-node/compare/v6.37.0...v6.38.0\"\u003ev6.37.0...v6.38.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e add service_tier parameter to responses compact method (\u003ca href=\"https://github.com/openai/openai-node/commit/423e838c498bd1b77f3b732cfc43c54fc5d261df\"\u003e423e838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.37.0 (2026-05-07)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/openai/openai-node/compare/v6.36.0...v6.37.0\"\u003ev6.36.0...v6.37.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e add quantity field to admin organization usage responses (\u003ca href=\"https://github.com/openai/openai-node/commit/273a8f73e65839fb4d2ebc2a54ccc38383bd7517\"\u003e273a8f7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e add web_search_call.results output option to responses (\u003ca href=\"https://github.com/openai/openai-node/commit/91c75e064f12946d3774cb182e5cd795000019ce\"\u003e91c75e0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e launch realtime translate + update image 2 (\u003ca href=\"https://github.com/openai/openai-node/commit/a296b661f0598ed001309d7deb693caa1596875c\"\u003ea296b66\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e manual updates (\u003ca href=\"https://github.com/openai/openai-node/commit/794b90513f5ca63bd95c6cf774722fa6aeae293d\"\u003e794b905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e manual updates (\u003ca href=\"https://github.com/openai/openai-node/commit/69637293939580a9d20bd9274d86f23a012ffd87\"\u003e6963729\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e realtime 2 (\u003ca href=\"https://github.com/openai/openai-node/commit/f4b717702182adfc684270c0e7d5ff11d6c7a408\"\u003ef4b7177\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e fix imagegen \u003ccode\u003esize\u003c/code\u003e enum regression (\u003ca href=\"https://github.com/openai/openai-node/commit/4fe8469a7c1f892d586df375a449f6bd0e318b15\"\u003e4fe8469\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eredact api-key headers in debug logs (\u003ca href=\"https://github.com/openai/openai-node/commit/99c9c800e179c13659b96386dedd6c17dd6ffb8d\"\u003e99c9c80\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.36.0 (2026-05-01)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/openai/openai-node/compare/v6.35.0...v6.36.0\"\u003ev6.35.0...v6.36.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e add group_type/user metadata fields, update types across admin resources (\u003ca href=\"https://github.com/openai/openai-node/commit/cc52f9755e3ce3b29ea2266482521c8d83ab88ad\"\u003ecc52f97\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e add support for Admin API Keys per endpoint (\u003ca href=\"https://github.com/openai/openai-node/commit/770d187be1d6c0419002a9b01e7dec6a99761f94\"\u003e770d187\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e admin API updates (\u003ca href=\"https://github.com/openai/openai-node/commit/ee2bd2d8e66a5b90f80e6ca8ab4544385d9a5de3\"\u003eee2bd2d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e manual updates (\u003ca href=\"https://github.com/openai/openai-node/commit/6af2b6dfd86e4d7e7a2cb5afb1275217fcd5d242\"\u003e6af2b6d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e manual updates (\u003ca href=\"https://github.com/openai/openai-node/commit/f2dceda58fce6e44e740b56b9337597275d25e5b\"\u003ef2dceda\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e support admin api key auth (\u003ca href=\"https://github.com/openai/openai-node/commit/e3862a3d415ba3cedb178718e2c9bc0c2d09e01e\"\u003ee3862a3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e tighten auth header selection (\u003ca href=\"https://github.com/openai/openai-node/commit/f1203bd884fb4131c54d9d7b8f89e9db3f4fc57c\"\u003ef1203bd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openai/openai-node/commit/87f3b041c80917f8d416c69f9237ac07239da577\"\u003e\u003ccode\u003e87f3b04\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/openai/openai-node/issues/1870\"\u003e#1870\u003c/a\u003e from openai/release-please--branches--master--change...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openai/openai-node/commit/9d917763b12451b08702c0fe167e5c3ca297db51\"\u003e\u003ccode\u003e9d91776\u003c/code\u003e\u003c/a\u003e release: 6.38.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openai/openai-node/commit/427ae2bde6dfa798d160c9530a2dea30f06069e6\"\u003e\u003ccode\u003e427ae2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/openai/openai-node/issues/1127\"\u003e#1127\u003c/a\u003e from stainless-sdks/dev/jtian/remove-unnecessary-params\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openai/openai-node/commit/255142ec3b468c99ef0c4f4100f5e40bc21b3779\"\u003e\u003ccode\u003e255142e\u003c/code\u003e\u003c/a\u003e [feat] Remove unnecessary params client id during init\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openai/openai-node/commit/423e838c498bd1b77f3b732cfc43c54fc5d261df\"\u003e\u003ccode\u003e423e838\u003c/code\u003e\u003c/a\u003e feat(api): add service_tier parameter to responses compact method\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openai/openai-node/commit/b0e89cddad2e9ee4f8262c0f1157c7376ecf4156\"\u003e\u003ccode\u003eb0e89cd\u003c/code\u003e\u003c/a\u003e release: 6.37.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openai/openai-node/commit/21510635ece628e0063c324e390868385c9de3dd\"\u003e\u003ccode\u003e2151063\u003c/code\u003e\u003c/a\u003e feat(api): realtime 2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openai/openai-node/commit/a5c41848ba2eb0cfc412b54200b0b7e6acc99dab\"\u003e\u003ccode\u003ea5c4184\u003c/code\u003e\u003c/a\u003e feat(api): manual updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openai/openai-node/commit/17c79fb09ba7b6a36a9ee3d7d6b19c6502b15f2b\"\u003e\u003ccode\u003e17c79fb\u003c/code\u003e\u003c/a\u003e chore: redact api-key headers in debug logs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openai/openai-node/commit/36f69f6e078d308ed8876625d7d06fa210d649e5\"\u003e\u003ccode\u003e36f69f6\u003c/code\u003e\u003c/a\u003e codegen metadata\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/openai/openai-node/compare/v6.9.0...v6.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for openai since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tailwind-merge` from 3.4.0 to 3.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dcastil/tailwind-merge/releases\"\u003etailwind-merge's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.6.0\u003c/h2\u003e\n\u003ch3\u003eNew Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Tailwind CSS v4.3 by \u003ca href=\"https://github.com/dcastil\"\u003e\u003ccode\u003e@​dcastil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dcastil/tailwind-merge/pull/677\"\u003edcastil/tailwind-merge#677\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003epostfixLookupClassGroups\u003c/code\u003e option to config to support Tailwind utilities where a slash is part of the full class name, like named container queries\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd support for readonly array values by \u003ca href=\"https://github.com/unional\"\u003e\u003ccode\u003e@​unional\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dcastil/tailwind-merge/pull/652\"\u003edcastil/tailwind-merge#652\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix broken links in README by \u003ca href=\"https://github.com/maurer2\"\u003e\u003ccode\u003e@​maurer2\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dcastil/tailwind-merge/pull/662\"\u003edcastil/tailwind-merge#662\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eHarden internal CI pipeline security by omitting git checkout by \u003ca href=\"https://github.com/dcastil\"\u003e\u003ccode\u003e@​dcastil\u003c/code\u003e\u003c/a\u003e, suggested by \u003ca href=\"https://github.com/kyletaylored\"\u003e\u003ccode\u003e@​kyletaylored\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://github.com/dcastil/tailwind-merge/commit/6b2499c10cf52bed42426d30b4219e90374b30d6\"\u003ehttps://github.com/dcastil/tailwind-merge/commit/6b2499c10cf52bed42426d30b4219e90374b30d6\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/dcastil/tailwind-merge/compare/v3.5.0...v3.6.0\"\u003ehttps://github.com/dcastil/tailwind-merge/compare/v3.5.0...v3.6.0\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/brandonmcconnell\"\u003e\u003ccode\u003e@​brandonmcconnell\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/manavm1990\"\u003e\u003ccode\u003e@​manavm1990\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/langy\"\u003e\u003ccode\u003e@​langy\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/roboflow\"\u003e\u003ccode\u003e@​roboflow\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/syntaxfm\"\u003e\u003ccode\u003e@​syntaxfm\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/getsentry\"\u003e\u003ccode\u003e@​getsentry\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/codecov\"\u003e\u003ccode\u003e@​codecov\u003c/code\u003e\u003c/a\u003e, a private sponsor, \u003ca href=\"https://github.com/block\"\u003e\u003ccode\u003e@​block\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/openclaw\"\u003e\u003ccode\u003e@​openclaw\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/sourcegraph\"\u003e\u003ccode\u003e@​sourcegraph\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/mike-healy\"\u003e\u003ccode\u003e@​mike-healy\u003c/code\u003e\u003c/a\u003e and more via \u003ca href=\"https://github.com/thnxdev\"\u003e\u003ccode\u003e@​thnxdev\u003c/code\u003e\u003c/a\u003e for sponsoring tailwind-merge! ❤️\u003c/p\u003e\n\u003ch2\u003ev3.5.0\u003c/h2\u003e\n\u003ch3\u003eNew Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Tailwind CSS v4.2 by \u003ca href=\"https://github.com/dcastil\"\u003e\u003ccode\u003e@​dcastil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dcastil/tailwind-merge/pull/651\"\u003edcastil/tailwind-merge#651\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/dcastil/tailwind-merge/compare/v3.4.1...v3.5.0\"\u003ehttps://github.com/dcastil/tailwind-merge/compare/v3.4.1...v3.5.0\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/brandonmcconnell\"\u003e\u003ccode\u003e@​brandonmcconnell\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/manavm1990\"\u003e\u003ccode\u003e@​manavm1990\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/langy\"\u003e\u003ccode\u003e@​langy\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/roboflow\"\u003e\u003ccode\u003e@​roboflow\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/syntaxfm\"\u003e\u003ccode\u003e@​syntaxfm\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/getsentry\"\u003e\u003ccode\u003e@​getsentry\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/codecov\"\u003e\u003ccode\u003e@​codecov\u003c/code\u003e\u003c/a\u003e, a private sponsor, \u003ca href=\"https://github.com/block\"\u003e\u003ccode\u003e@​block\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/openclaw\"\u003e\u003ccode\u003e@​openclaw\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/sourcegraph\"\u003e\u003ccode\u003e@​sourcegraph\u003c/code\u003e\u003c/a\u003e and more via \u003ca href=\"https://github.com/thnxdev\"\u003e\u003ccode\u003e@​thnxdev\u003c/code\u003e\u003c/a\u003e for sponsoring tailwind-merge! ❤️\u003c/p\u003e\n\u003ch2\u003ev3.4.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent arbitrary font-family and font-weight from merging by \u003ca href=\"https://github.com/roneymoon\"\u003e\u003ccode\u003e@​roneymoon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dcastil/tailwind-merge/pull/635\"\u003edcastil/tailwind-merge#635\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/dcastil/tailwind-merge/compare/v3.4.0...v3.4.1\"\u003ehttps://github.com/dcastil/tailwind-merge/compare/v3.4.0...v3.4.1\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/brandonmcconnell\"\u003e\u003ccode\u003e@​brandonmcconnell\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/manavm1990\"\u003e\u003ccode\u003e@​manavm1990\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/langy\"\u003e\u003ccode\u003e@​langy\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/roboflow\"\u003e\u003ccode\u003e@​roboflow\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/syntaxfm\"\u003e\u003ccode\u003e@​syntaxfm\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/getsentry\"\u003e\u003ccode\u003e@​getsentry\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/codecov\"\u003e\u003ccode\u003e@​codecov\u003c/code\u003e\u003c/a\u003e, a private sponsor, \u003ca href=\"https://github.com/block\"\u003e\u003ccode\u003e@​block\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/openclaw\"\u003e\u003ccode\u003e@​openclaw\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/sourcegraph\"\u003e\u003ccode\u003e@​sourcegraph\u003c/code\u003e\u003c/a\u003e and more via \u003ca href=\"https://github.com/thnxdev\"\u003e\u003ccode\u003e@​thnxdev\u003c/code\u003e\u003c/a\u003e for sponsoring tailwind-merge! ❤️\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dcastil/tailwind-merge/commit/d54f7e5713c653d0171971405344f7c6e44d418f\"\u003e\u003ccode\u003ed54f7e5\u003c/code\u003e\u003c/a\u003e v3.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dcastil/tailwind-merge/commit/638871a67a0a124ac9275eda77cd08b03f2f045e\"\u003e\u003ccode\u003e638871a\u003c/code\u003e\u003c/a\u003e Update README to add info about Tailwind CSS v4.3 support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dcastil/tailwind-merge/commit/39fc7b5e915493e5eb3ddb1ca615f5b2eeff2540\"\u003e\u003ccode\u003e39fc7b5\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;v3.6.0\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dcastil/tailwind-merge/commit/bd8390f6ca387f93c9e989fb3fb09924fb843445\"\u003e\u003ccode\u003ebd8390f\u003c/code\u003e\u003c/a\u003e v3.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dcastil/tailwind-merge/commit/802877c6e31f9fb64c627e5e760729a16cd0a69b\"\u003e\u003ccode\u003e802877c\u003c/code\u003e\u003c/a\u003e add v3.6.0 changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dcastil/tailwind-merge/commit/a35fedac7d1fc8756223da94290a83a32068d2ae\"\u003e\u003ccode\u003ea35feda\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dcastil/tailwind-merge/issues/665\"\u003e#665\u003c/a\u003e from dcastil/renovate/rollup-plugin-babel-7.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dcastil/tailwind-merge/commit/940389cf89ed0da277ff5c01b98fd619687926e9\"\u003e\u003ccode\u003e940389c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dcastil/tailwind-merge/issues/667\"\u003e#667\u003c/a\u003e from dcastil/renovate/release-drafter-release-drafter...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dcastil/tailwind-merge/commit/005af6df08cfbe2adac7ca6cb5a7be02b9261fbd\"\u003e\u003ccode\u003e005af6d\u003c/code\u003e\u003c/a\u003e pin to specific version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dcastil/tailwind-merge/commit/5816ced627ebcaefd497ad8e4202baf750dd545c\"\u003e\u003ccode\u003e5816ced\u003c/code\u003e\u003c/a\u003e implement breaking changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dcastil/tailwind-merge/commit/17041e17c5b9c96fcb0f4758c718799cb3af14a6\"\u003e\u003ccode\u003e17041e1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dcastil/tailwind-merge/issues/676\"\u003e#676\u003c/a\u003e from dcastil/dependabot/npm_and_yarn/babel/plugin-tra...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dcastil/tailwind-merge/compare/v3.4.0...v3.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@ai-sdk/react` from 2.0.93 to 3.0.187\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/releases\"\u003e@​ai-sdk/react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.187\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.185\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.192\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@5.0.190\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/@ai-sdk/react@3.0.187/packages/react/CHANGELOG.md\"\u003e@​ai-sdk/react's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.187\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.185\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.186\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [40fc5e4]\n\u003cul\u003e\n\u003cli\u003eai@6.0.184\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.185\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.183\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.184\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [e76a29a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.182\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.183\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [538974a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.181\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.182\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [253bd5a]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [57ec10f]\n\u003cul\u003e\n\u003cli\u003eai@6.0.180\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.181\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.179\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.180\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/4a989451c5ef8c1b04d8a91e4e9301dc81708cfa\"\u003e\u003ccode\u003e4a98945\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15406\"\u003e#15406\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/f8d30032da41bdfd1d4c560bb6439dec8021603e\"\u003e\u003ccode\u003ef8d3003\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15356\"\u003e#15356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/2e7664bff4294f2f5b21c30136ca24d12c4e9b5c\"\u003e\u003ccode\u003e2e7664b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15315\"\u003e#15315\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c76ce9cdcd176554e245ede286be1863e17e5fd5\"\u003e\u003ccode\u003ec76ce9c\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15257\"\u003e#15257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c0e4feffdd69e75d6ba0c1d311f0ec929952731d\"\u003e\u003ccode\u003ec0e4fef\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15251\"\u003e#15251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/43e5359b6cf3c8737544ad17604d7b152d01a73e\"\u003e\u003ccode\u003e43e5359\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15221\"\u003e#15221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/e2f1bca89259f60318faf7537539b67872630052\"\u003e\u003ccode\u003ee2f1bca\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15216\"\u003e#15216\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/d37fb1f2dad4d96605ffd2ac3d4b55e0bccdc482\"\u003e\u003ccode\u003ed37fb1f\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15202\"\u003e#15202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/e70aab94d6f3dac30d54ac3185259a9562051bd6\"\u003e\u003ccode\u003ee70aab9\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15138\"\u003e#15138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/e3ccdb5987c07459ffd9be56088c5ac9d142fba2\"\u003e\u003ccode\u003ee3ccdb5\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15094\"\u003e#15094\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/commits/@ai-sdk/react@3.0.187/packages/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​ai-sdk/react\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@aws-sdk/client-s3` from 3.437.0 to 3.1050.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/releases\"\u003e@​aws-sdk/client-s3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1050.0\u003c/h2\u003e\n\u003ch4\u003e3.1050.0(2026-05-19)\u003c/h4\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  update client endpoints as of 2026-05-19 (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9a5e6f03be25b20c97a2f0826cb6b74061e57b8d\"\u003e9a5e6f03\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sagemaker:\u003c/strong\u003e  Add support for ml.p5.4xlarge and ml.p5en.48xlarge instances on SageMaker Notebook Instances Platform. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/73a3e28f8c4741e657e131dfb0decc37700b828c\"\u003e73a3e28f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-grafana:\u003c/strong\u003e  Introduce degraded workspace status as a possible Amazon Managed Grafana workspace status, and a new field named degraded workspace reason which informs customers why the workspace is degraded in the DescribeWorkspace API response. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/af49cb81d0dd0a7e0e4c448c293808df842ca4b1\"\u003eaf49cb81\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-rtbfabric:\u003c/strong\u003e  This release is to deprecate 'inboundLinksCount' field in GetResponderGateway response and introduce the new field 'linksRequestedCount' to replace it. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/3c9765e351c0a632e3a57890a06633ac47beaea3\"\u003e3c9765e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-devops-agent:\u003c/strong\u003e  Added a new serviceType mcpserversigv4 service and association. This provides feature to register MCP sigv4 authorization based MCPs (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/84e18e58dcd72556aeabadf32a4b58405e3f6e4a\"\u003e84e18e58\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-guardduty:\u003c/strong\u003e  Adding support for exposure and vulnerability context from AWS Security Hub in GuardDuty Extended Threat Detection attack sequence findings. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/de2356de06977694d70b64340ba802682acd1ea8\"\u003ede2356de\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bedrock-agentcore:\u003c/strong\u003e  Add RetryableConflictException (HTTP 409) to InvokeAgentRuntime and StopRuntimeSession to prevent orphaned VMs during concurrent session access. The SDK automatically retries this exception with backoff. Enforcement is not yet active and will be enabled in a future service update. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/239af13eb6799a89d6cf3257d664004a7a4fbfa2\"\u003e239af13e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eTests\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003elib-storage:\u003c/strong\u003e  speed up lib-storage e2e tests by reducing permutations (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8028\"\u003e#8028\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/273afd4efb8cb19746bce3b7769e58d0917a3257\"\u003e273afd4e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eFor list of updated packages, view \u003cstrong\u003eupdated-packages.md\u003c/strong\u003e in \u003cstrong\u003eassets-3.1050.0.zip\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1049.0\u003c/h2\u003e\n\u003ch4\u003e3.1049.0(2026-05-18)\u003c/h4\u003e\n\u003ch5\u003eDocumentation Changes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-evs:\u003c/strong\u003e  Amazon EVS now supports up to 32 hosts per EVS environment, increasing the previous host limit to allow a larger scale of VMware workload deployments and reduce operational overhead. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/34718dc5665b0423b11382c28fa8e321b876231c\"\u003e34718dc5\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  update client endpoints as of 2026-05-18 (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/a5f4e2a21dba69087a8b0534ffd574b877551a2a\"\u003ea5f4e2a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ec2:\u003c/strong\u003e  Amazon VPC IP Address Manager (IPAM) now supports tags on IPAM pool allocations, enabling all standard tagging features for allocations including tag-on-create. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0ac6d448ed6a0f04d45d59d1bcde953454b61f78\"\u003e0ac6d448\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-accessanalyzer:\u003c/strong\u003e  Services manage service-linked analyzers through dedicated APIs - CreateServiceLinkedAnalyzer and DeleteServiceLinkedAnalyzer that separate service-linked specific operations from customer-managed operations. It also shows up in ListAnalyzers and GetAnalyzer responses. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/fdfcbe80822475752a5433a6b830962379701cc1\"\u003efdfcbe80\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ecs:\u003c/strong\u003e  Amazon ECS now supports Pause lifecycle hooks for service deployments, allowing customers to automatically pause deployments at specified stages and use the new ContinueServiceDeployment API to continue or roll back with confidence. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/8437bd6c125ba1ea4f5baf7a8fdf9fa9694ff4a7\"\u003e8437bd6c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-connect:\u003c/strong\u003e  Amazon Connect Cases now supports SLA durations of up to 2 years (1,051,200 minutes), increased from the previous maximum of 90 days (129,600 minutes). This enables you to track long-running service level agreements for cases that require extended resolution timelines. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/045e1382ed3e4a3a7192416d4636e6849f5fc847\"\u003e045e1382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ivs:\u003c/strong\u003e  Adds support for up to 3 mediaTailorPlaybackConfiguration objects in an ad configuration resource (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e7a59d859f9cf88f6e19fc4df520336f968da88d\"\u003ee7a59d85\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-quicksight:\u003c/strong\u003e  Support for dataset enrichment and geo spatial in new data preparation experience (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c3036698d995bb62e8cf487df88c36192533efd5\"\u003ec3036698\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eBug Fixes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore/protocols:\u003c/strong\u003e  make error namespace removal unconditional in JSON RPC (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8031\"\u003e#8031\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/7cee4f2752226e76902ab933477122782472469c\"\u003e7cee4f27\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sts:\u003c/strong\u003e  update imports to new module locations (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8025\"\u003e#8025\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/be183b6d7ac286e626f0301cbee2ca5101e87acb\"\u003ebe183b6d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eFor list of updated packages, view \u003cstrong\u003eupdated-packages.md\u003c/strong\u003e in \u003cstrong\u003eassets-3.1049.0.zip\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1048.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md\"\u003e@​aws-sdk/client-s3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1049.0...v3.1050.0\"\u003e3.1050.0\u003c/a\u003e (2026-05-19)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1048.0...v3.1049.0\"\u003e3.1049.0\u003c/a\u003e (2026-05-18)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sts:\u003c/strong\u003e update imports to new module locations (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/issues/8025\"\u003e#8025\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/be183b6d7ac286e626f0301cbee2ca5101e87acb\"\u003ebe183b6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1047.0...v3.1048.0\"\u003e3.1048.0\u003c/a\u003e (2026-05-15)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1046.0...v3.1047.0\"\u003e3.1047.0\u003c/a\u003e (2026-05-14)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1045.0...v3.1046.0\"\u003e3.1046.0\u003c/a\u003e (2026-05-14)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1044.0...v3.1045.0\"\u003e3.1045.0\u003c/a\u003e (2026-05-07)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/bdc9fc6b88673a816719006d0bde88afd44dbb4e\"\u003e\u003ccode\u003ebdc9fc6\u003c/code\u003e\u003c/a\u003e Publish v3.1050.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/04d52f3ac1d416598b8d728b72919919025a4a61\"\u003e\u003ccode\u003e04d52f3\u003c/code\u003e\u003c/a\u003e Publish v3.1049.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/be183b6d7ac286e626f0301cbee2ca5101e87acb\"\u003e\u003ccode\u003ebe183b6\u003c/code\u003e\u003c/a\u003e fix(client-sts): update imports to new module locations (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/8025\"\u003e#8025\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/313813d9e1f25eb6896cf2880977f01ee7fb2556\"\u003e\u003ccode\u003e313813d\u003c/code\u003e\u003c/a\u003e Publish v3.1048.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/1af90474774927f8dea56d1e33fd11167d431d11\"\u003e\u003ccode\u003e1af9047\u003c/code\u003e\u003c/a\u003e chore(codegen): updated import sources for aws-sdk core (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/8015\"\u003e#8015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/eabae7d848238fedb6336c2f2d13b81c6cd9d146\"\u003e\u003ccode\u003eeabae7d\u003c/code\u003e\u003c/a\u003e chore(codegen): sync for browser bundle fixes (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/8022\"\u003e#8022\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/8edb907b3e69d8ebd19a808480692de92b98e748\"\u003e\u003ccode\u003e8edb907\u003c/code\u003e\u003c/a\u003e Publish v3.1047.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/a66433550dc5bfd0b3228222ad096bfb25d042c0\"\u003e\u003ccode\u003ea664335\u003c/code\u003e\u003c/a\u003e Publish v3.1046.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9ce20f6d16352cd5747d9555e2b75e9462ea8ae9\"\u003e\u003ccode\u003e9ce20f6\u003c/code\u003e\u003c/a\u003e chore(codegen): dependency version bump (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/8008\"\u003e#8008\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/acffbf906165501879a9e57b4f1b63deecbe63ea\"\u003e\u003ccode\u003eacffbf9\u003c/code\u003e\u003c/a\u003e chore: update smithy/core imports (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/7979\"\u003e#7979\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commits/v3.1050.0/clients/client-s3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fumadocs/content-collections` from 1.2.4 to 1.2.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/fa609138d418c7a60d5c3bf60efd77e86549bd34\"\u003e\u003ccode\u003efa60913\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3202\"\u003e#3202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/2d8f59638c61d2d70512b81e2fd13ddc92fac869\"\u003e\u003ccode\u003e2d8f596\u003c/code\u003e\u003c/a\u003e Chore: fix \u003ccode\u003enpm pack\u003c/code\u003e skipping nested \u003ccode\u003enode_modules\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/b5af621de0c8da746f0d26d4bd8bd02d55cb0670\"\u003e\u003ccode\u003eb5af621\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3200\"\u003e#3200\u003c/a\u003e from fuma-nama/changeset-release/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/79995e999678319afec4151f5f10041b1ed8fd89\"\u003e\u003ccode\u003e79995e9\u003c/code\u003e\u003c/a\u003e fix tsdown warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/9518cc8b40ce4d96bcf526155a546d00822ba589\"\u003e\u003ccode\u003e9518cc8\u003c/code\u003e\u003c/a\u003e OpenAPI: remove \u003ccode\u003eopenapi-sampler\u003c/code\u003e dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/335b9c1076bc80052046aab83c4e265af54aa1cc\"\u003e\u003ccode\u003e335b9c1\u003c/code\u003e\u003c/a\u003e Chore: bundle more deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/498425b261877e94c988d3dd1ce1ec9cab29971b\"\u003e\u003ccode\u003e498425b\u003c/code\u003e\u003c/a\u003e UI: pre-calculate TOC item positions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/7cdde7c8358009e452a8b4949bbc11af8dd6bafd\"\u003e\u003ccode\u003e7cdde7c\u003c/code\u003e\u003c/a\u003e UI: improve TOC performance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/690ddb9da2a3949a502153f5d115c5bd3025b78f\"\u003e\u003ccode\u003e690ddb9\u003c/code\u003e\u003c/a\u003e Chore: bundle more deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/8999346b6b0888398b01a60f8864ab70ce8cdf9d\"\u003e\u003ccode\u003e8999346\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3198\"\u003e#3198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fuma-nama/fumadocs/compare/@fumadocs/content-collections@1.2.4...@fumadocs/content-collections@1.2.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​fumadocs/content-collections\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@next/third-parties` from 16.0.3 to 16.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003e@​next/third-parties's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev16.2.6\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - \u003cstrong\u003eIncomplete Fix Follow-Up\u003c/strong\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModerate:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://githu...\n\n_Description has been truncated_","html_url":"https://github.com/emiliano32144/supastarter-nextjs/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/emiliano32144%2Fsupastarter-nextjs/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"},{"uuid":"4481940730","node_id":"PR_kwDOSS6dds7dTH4e","number":193,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 3 directories with 2 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-19T23:51:00.000Z","updated_at":"2026-05-20T00:28:18.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":2,"packages":[{"name":"next","old_version":"14.2.3","new_version":"15.5.18","repository_url":"https://github.com/vercel/next.js"},{"name":"next","old_version":"14.2.3","new_version":"15.5.18","repository_url":"https://github.com/vercel/next.js"},{"name":"next","old_version":"14.2.3","new_version":"15.5.18","repository_url":"https://github.com/vercel/next.js"},{"name":"next","old_version":"14.2.3","new_version":"15.5.18","repository_url":"https://github.com/vercel/next.js"},{"name":"cookie","old_version":"0.4.2","new_version":"1.1.1","repository_url":"https://github.com/jshttp/cookie"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /apps/defi-dashboard directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /zwallet directory: [cookie](https://github.com/jshttp/cookie).\n\nUpdates `next` from 14.2.3 to 15.5.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.18\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.16\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.15\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23869\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23869\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev15.5.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9ff92cebcaa6ba4e7463b6fd037a8510ba9b81ec\"\u003e\u003ccode\u003e9ff92ce\u003c/code\u003e\u003c/a\u003e v15.5.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/00ebe23562bd7eb32dd78730984bfadb47138bcf\"\u003e\u003ccode\u003e00ebe23\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/62c97ab0b5825e2cbc15f6b682d8286a8dd6a038\"\u003e\u003ccode\u003e62c97ab\u003c/code\u003e\u003c/a\u003e v15.5.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/423623ae38c106273085b66946ee5bf9aab77f2c\"\u003e\u003ccode\u003e423623a\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/fa787399b38d9aa702118f9bd23a8315b9f0ecc6\"\u003e\u003ccode\u003efa78739\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36e62c6eb7813e42d409eb487f93b829f4ad77e8\"\u003e\u003ccode\u003e36e62c6\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93588\"\u003e#93588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36589b5db512b7704cdadd873cbe49b6dbcc9261\"\u003e\u003ccode\u003e36589b5\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93596\"\u003e#93596\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ad6fd4e50e5aba20b60d283c42b89273a3167ccd\"\u003e\u003ccode\u003ead6fd4e\u003c/code\u003e\u003c/a\u003e v15.5.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/79d7dff1448483f0c8f187f98887b31019f6e494\"\u003e\u003ccode\u003e79d7dff\u003c/code\u003e\u003c/a\u003e Ignore malformed CSP nonce headers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/c4f69086cc8dcbd81b1dbc321c98ea874d90d6f8\"\u003e\u003ccode\u003ec4f6908\u003c/code\u003e\u003c/a\u003e router-server: guard upgrade proxy against absolute-url SSRF (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/77\"\u003e#77\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v14.2.3...v15.5.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 14.2.3 to 15.5.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.18\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.16\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.15\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23869\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23869\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev15.5.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9ff92cebcaa6ba4e7463b6fd037a8510ba9b81ec\"\u003e\u003ccode\u003e9ff92ce\u003c/code\u003e\u003c/a\u003e v15.5.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/00ebe23562bd7eb32dd78730984bfadb47138bcf\"\u003e\u003ccode\u003e00ebe23\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/62c97ab0b5825e2cbc15f6b682d8286a8dd6a038\"\u003e\u003ccode\u003e62c97ab\u003c/code\u003e\u003c/a\u003e v15.5.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/423623ae38c106273085b66946ee5bf9aab77f2c\"\u003e\u003ccode\u003e423623a\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/fa787399b38d9aa702118f9bd23a8315b9f0ecc6\"\u003e\u003ccode\u003efa78739\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36e62c6eb7813e42d409eb487f93b829f4ad77e8\"\u003e\u003ccode\u003e36e62c6\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93588\"\u003e#93588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36589b5db512b7704cdadd873cbe49b6dbcc9261\"\u003e\u003ccode\u003e36589b5\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93596\"\u003e#93596\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ad6fd4e50e5aba20b60d283c42b89273a3167ccd\"\u003e\u003ccode\u003ead6fd4e\u003c/code\u003e\u003c/a\u003e v15.5.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/79d7dff1448483f0c8f187f98887b31019f6e494\"\u003e\u003ccode\u003e79d7dff\u003c/code\u003e\u003c/a\u003e Ignore malformed CSP nonce headers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/c4f69086cc8dcbd81b1dbc321c98ea874d90d6f8\"\u003e\u003ccode\u003ec4f6908\u003c/code\u003e\u003c/a\u003e router-server: guard upgrade proxy against absolute-url SSRF (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/77\"\u003e#77\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v14.2.3...v15.5.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 14.2.3 to 15.5.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.18\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.16\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.15\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23869\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23869\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev15.5.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9ff92cebcaa6ba4e7463b6fd037a8510ba9b81ec\"\u003e\u003ccode\u003e9ff92ce\u003c/code\u003e\u003c/a\u003e v15.5.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/00ebe23562bd7eb32dd78730984bfadb47138bcf\"\u003e\u003ccode\u003e00ebe23\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/62c97ab0b5825e2cbc15f6b682d8286a8dd6a038\"\u003e\u003ccode\u003e62c97ab\u003c/code\u003e\u003c/a\u003e v15.5.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/423623ae38c106273085b66946ee5bf9aab77f2c\"\u003e\u003ccode\u003e423623a\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/fa787399b38d9aa702118f9bd23a8315b9f0ecc6\"\u003e\u003ccode\u003efa78739\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36e62c6eb7813e42d409eb487f93b829f4ad77e8\"\u003e\u003ccode\u003e36e62c6\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93588\"\u003e#93588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36589b5db512b7704cdadd873cbe49b6dbcc9261\"\u003e\u003ccode\u003e36589b5\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93596\"\u003e#93596\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ad6fd4e50e5aba20b60d283c42b89273a3167ccd\"\u003e\u003ccode\u003ead6fd4e\u003c/code\u003e\u003c/a\u003e v15.5.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/79d7dff1448483f0c8f187f98887b31019f6e494\"\u003e\u003ccode\u003e79d7dff\u003c/code\u003e\u003c/a\u003e Ignore malformed CSP nonce headers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/c4f69086cc8dcbd81b1dbc321c98ea874d90d6f8\"\u003e\u003ccode\u003ec4f6908\u003c/code\u003e\u003c/a\u003e router-server: guard upgrade proxy against absolute-url SSRF (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/77\"\u003e#77\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v14.2.3...v15.5.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 14.2.3 to 15.5.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.18\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.16\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.15\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23869\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23869\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev15.5.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9ff92cebcaa6ba4e7463b6fd037a8510ba9b81ec\"\u003e\u003ccode\u003e9ff92ce\u003c/code\u003e\u003c/a\u003e v15.5.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/00ebe23562bd7eb32dd78730984bfadb47138bcf\"\u003e\u003ccode\u003e00ebe23\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/62c97ab0b5825e2cbc15f6b682d8286a8dd6a038\"\u003e\u003ccode\u003e62c97ab\u003c/code\u003e\u003c/a\u003e v15.5.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/423623ae38c106273085b66946ee5bf9aab77f2c\"\u003e\u003ccode\u003e423623a\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/fa787399b38d9aa702118f9bd23a8315b9f0ecc6\"\u003e\u003ccode\u003efa78739\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36e62c6eb7813e42d409eb487f93b829f4ad77e8\"\u003e\u003ccode\u003e36e62c6\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93588\"\u003e#93588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36589b5db512b7704cdadd873cbe49b6dbcc9261\"\u003e\u003ccode\u003e36589b5\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93596\"\u003e#93596\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ad6fd4e50e5aba20b60d283c42b89273a3167ccd\"\u003e\u003ccode\u003ead6fd4e\u003c/code\u003e\u003c/a\u003e v15.5.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/79d7dff1448483f0c8f187f98887b31019f6e494\"\u003e\u003ccode\u003e79d7dff\u003c/code\u003e\u003c/a\u003e Ignore malformed CSP nonce headers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/c4f69086cc8dcbd81b1dbc321c98ea874d90d6f8\"\u003e\u003ccode\u003ec4f6908\u003c/code\u003e\u003c/a\u003e router-server: guard upgrade proxy against absolute-url SSRF (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/77\"\u003e#77\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v14.2.3...v15.5.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cookie` from 0.4.2 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOverwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)  c66147c\n\u003cul\u003e\n\u003cli\u003eWhen \u003ccode\u003evalue\u003c/code\u003e was provided in \u003ccode\u003eserialize(key, value, { value })\u003c/code\u003e the value in \u003ccode\u003eoptions\u003c/code\u003e was used instead of the value passed as an argument\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003estringifyCookie\u003c/code\u003e and \u003ccode\u003eparseSetCookie\u003c/code\u003e methods (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/214\"\u003e#214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename existing methods for clarity (old method names remain for backward compatibility)\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eparse\u003c/code\u003e → \u003ccode\u003eparseCookie\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eserialize\u003c/code\u003e → \u003ccode\u003estringifySetCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)  00b0327\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLoosen cookie name/value validation (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: \u003ccode\u003eoptions.priority\u003c/code\u003e used incorrect fallback (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/207\"\u003e#207\u003c/a\u003e) by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd import example to README (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/190\"\u003e#190\u003c/a\u003e) by \u003ca href=\"https://github.com/isnifer\"\u003e\u003ccode\u003e@​isnifer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow case insensitive options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/194\"\u003e#194\u003c/a\u003e)  3bed080\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse modern JS features, ship TypeScript definition (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/175\"\u003e#175\u003c/a\u003e)  1cc64ff\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003e__esModule\u003c/code\u003e marker, imports need to use \u003ccode\u003eimport { parse, serialize }\u003c/code\u003e or \u003ccode\u003eimport * as cookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eMinimum node.js v18\u003c/li\u003e\n\u003cli\u003eUses null prototype object for \u003ccode\u003eparse\u003c/code\u003e return value\u003c/li\u003e\n\u003cli\u003eChanges \u003ccode\u003estrict\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e to match the lower case strings (i.e. \u003ccode\u003elow\u003c/code\u003e, not \u003ccode\u003eLOW\u003c/code\u003e or \u003ccode\u003eLow\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/1b89eec4e33256ac31962f4c0d6e711fff478803\"\u003e\u003ccode\u003e1b89eec\u003c/code\u003e\u003c/a\u003e 1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/c66147c053c74b256287aa7c0a4e63082d786fb2\"\u003e\u003ccode\u003ec66147c\u003c/code\u003e\u003c/a\u003e Overwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/09cec9fd32aa777ddbf51a115c53f30728eccfbc\"\u003e\u003ccode\u003e09cec9f\u003c/code\u003e\u003c/a\u003e 1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/05ebd34fd5a1cdad950f68fc7429cade7dfd6997\"\u003e\u003ccode\u003e05ebd34\u003c/code\u003e\u003c/a\u003e Add tests for parsing top sites (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6214eaf968d60681f3f7fe76797270332c3569c9\"\u003e\u003ccode\u003e6214eaf\u003c/code\u003e\u003c/a\u003e Add benchmark for \u003ccode\u003eparseSetCookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/247\"\u003e#247\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/71798d72650df42288f74e5ab49b65ec44df74fe\"\u003e\u003ccode\u003e71798d7\u003c/code\u003e\u003c/a\u003e Fix skip over of boolean attributes (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e41cf10c88b45893141f2ee2dc98b23bdb57f24\"\u003e\u003ccode\u003e9e41cf1\u003c/code\u003e\u003c/a\u003e build(deps): bump the npm_and_yarn group across 1 directory with 4 updates (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6fea50679a97f65b5d6e3d291b2dad5816fcfddc\"\u003e\u003ccode\u003e6fea506\u003c/code\u003e\u003c/a\u003e Add parse method for \u003ccode\u003eset-cookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/00b032721c4dc9aeb7d3814ce790eadb4ebde59b\"\u003e\u003ccode\u003e00b0327\u003c/code\u003e\u003c/a\u003e Add side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/94586de038f16960cd5eb91ee499313734b02ab7\"\u003e\u003ccode\u003e94586de\u003c/code\u003e\u003c/a\u003e feat: remove dependabot from repo (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/242\"\u003e#242\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.4.2...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/cvsz/zwallet/pull/193","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/cvsz%2Fzwallet/issues/193","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/193/packages"},{"uuid":"4472477665","node_id":"PR_kwDOP09VWc7c0gEg","number":184,"state":"open","title":"chore(deps): bump cookie from 0.6.0 to 1.1.1 in /backend/functions","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-18T20:49:56.000Z","updated_at":"2026-05-18T22:21:48.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"cookie","old_version":"0.6.0","new_version":"1.1.1","repository_url":"https://github.com/jshttp/cookie"}],"path":"/backend/functions","ecosystem":"npm"},"body":"Bumps [cookie](https://github.com/jshttp/cookie) from 0.6.0 to 1.1.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOverwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)  c66147c\n\u003cul\u003e\n\u003cli\u003eWhen \u003ccode\u003evalue\u003c/code\u003e was provided in \u003ccode\u003eserialize(key, value, { value })\u003c/code\u003e the value in \u003ccode\u003eoptions\u003c/code\u003e was used instead of the value passed as an argument\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003estringifyCookie\u003c/code\u003e and \u003ccode\u003eparseSetCookie\u003c/code\u003e methods (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/214\"\u003e#214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename existing methods for clarity (old method names remain for backward compatibility)\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eparse\u003c/code\u003e → \u003ccode\u003eparseCookie\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eserialize\u003c/code\u003e → \u003ccode\u003estringifySetCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)  00b0327\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLoosen cookie name/value validation (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: \u003ccode\u003eoptions.priority\u003c/code\u003e used incorrect fallback (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/207\"\u003e#207\u003c/a\u003e) by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd import example to README (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/190\"\u003e#190\u003c/a\u003e) by \u003ca href=\"https://github.com/isnifer\"\u003e\u003ccode\u003e@​isnifer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow case insensitive options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/194\"\u003e#194\u003c/a\u003e)  3bed080\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse modern JS features, ship TypeScript definition (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/175\"\u003e#175\u003c/a\u003e)  1cc64ff\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003e__esModule\u003c/code\u003e marker, imports need to use \u003ccode\u003eimport { parse, serialize }\u003c/code\u003e or \u003ccode\u003eimport * as cookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eMinimum node.js v18\u003c/li\u003e\n\u003cli\u003eUses null prototype object for \u003ccode\u003eparse\u003c/code\u003e return value\u003c/li\u003e\n\u003cli\u003eChanges \u003ccode\u003estrict\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e to match the lower case strings (i.e. \u003ccode\u003elow\u003c/code\u003e, not \u003ccode\u003eLOW\u003c/code\u003e or \u003ccode\u003eLow\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/1b89eec4e33256ac31962f4c0d6e711fff478803\"\u003e\u003ccode\u003e1b89eec\u003c/code\u003e\u003c/a\u003e 1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/c66147c053c74b256287aa7c0a4e63082d786fb2\"\u003e\u003ccode\u003ec66147c\u003c/code\u003e\u003c/a\u003e Overwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/09cec9fd32aa777ddbf51a115c53f30728eccfbc\"\u003e\u003ccode\u003e09cec9f\u003c/code\u003e\u003c/a\u003e 1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/05ebd34fd5a1cdad950f68fc7429cade7dfd6997\"\u003e\u003ccode\u003e05ebd34\u003c/code\u003e\u003c/a\u003e Add tests for parsing top sites (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6214eaf968d60681f3f7fe76797270332c3569c9\"\u003e\u003ccode\u003e6214eaf\u003c/code\u003e\u003c/a\u003e Add benchmark for \u003ccode\u003eparseSetCookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/247\"\u003e#247\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/71798d72650df42288f74e5ab49b65ec44df74fe\"\u003e\u003ccode\u003e71798d7\u003c/code\u003e\u003c/a\u003e Fix skip over of boolean attributes (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e41cf10c88b45893141f2ee2dc98b23bdb57f24\"\u003e\u003ccode\u003e9e41cf1\u003c/code\u003e\u003c/a\u003e build(deps): bump the npm_and_yarn group across 1 directory with 4 updates (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6fea50679a97f65b5d6e3d291b2dad5816fcfddc\"\u003e\u003ccode\u003e6fea506\u003c/code\u003e\u003c/a\u003e Add parse method for \u003ccode\u003eset-cookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/00b032721c4dc9aeb7d3814ce790eadb4ebde59b\"\u003e\u003ccode\u003e00b0327\u003c/code\u003e\u003c/a\u003e Add side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/94586de038f16960cd5eb91ee499313734b02ab7\"\u003e\u003ccode\u003e94586de\u003c/code\u003e\u003c/a\u003e feat: remove dependabot from repo (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/242\"\u003e#242\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/Abernaughty/PCPC/pull/184","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Abernaughty%2FPCPC/issues/184","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/184/packages"},{"uuid":"4462041948","node_id":"PR_kwDOIeE8Ts7cTuIC","number":333,"state":"closed","title":"build(deps): bump cookie from 0.6.0 to 1.1.1","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-27T05:57:39.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-17T02:35:06.000Z","updated_at":"2026-05-27T05:57:41.000Z","time_to_close":876153,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"cookie","old_version":"0.6.0","new_version":"1.1.1","repository_url":"https://github.com/jshttp/cookie"}],"path":null,"ecosystem":"npm"},"body":"Bumps [cookie](https://github.com/jshttp/cookie) from 0.6.0 to 1.1.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOverwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)  c66147c\n\u003cul\u003e\n\u003cli\u003eWhen \u003ccode\u003evalue\u003c/code\u003e was provided in \u003ccode\u003eserialize(key, value, { value })\u003c/code\u003e the value in \u003ccode\u003eoptions\u003c/code\u003e was used instead of the value passed as an argument\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003estringifyCookie\u003c/code\u003e and \u003ccode\u003eparseSetCookie\u003c/code\u003e methods (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/214\"\u003e#214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename existing methods for clarity (old method names remain for backward compatibility)\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eparse\u003c/code\u003e → \u003ccode\u003eparseCookie\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eserialize\u003c/code\u003e → \u003ccode\u003estringifySetCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)  00b0327\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLoosen cookie name/value validation (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: \u003ccode\u003eoptions.priority\u003c/code\u003e used incorrect fallback (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/207\"\u003e#207\u003c/a\u003e) by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd import example to README (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/190\"\u003e#190\u003c/a\u003e) by \u003ca href=\"https://github.com/isnifer\"\u003e\u003ccode\u003e@​isnifer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow case insensitive options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/194\"\u003e#194\u003c/a\u003e)  3bed080\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse modern JS features, ship TypeScript definition (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/175\"\u003e#175\u003c/a\u003e)  1cc64ff\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003e__esModule\u003c/code\u003e marker, imports need to use \u003ccode\u003eimport { parse, serialize }\u003c/code\u003e or \u003ccode\u003eimport * as cookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eMinimum node.js v18\u003c/li\u003e\n\u003cli\u003eUses null prototype object for \u003ccode\u003eparse\u003c/code\u003e return value\u003c/li\u003e\n\u003cli\u003eChanges \u003ccode\u003estrict\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e to match the lower case strings (i.e. \u003ccode\u003elow\u003c/code\u003e, not \u003ccode\u003eLOW\u003c/code\u003e or \u003ccode\u003eLow\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/1b89eec4e33256ac31962f4c0d6e711fff478803\"\u003e\u003ccode\u003e1b89eec\u003c/code\u003e\u003c/a\u003e 1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/c66147c053c74b256287aa7c0a4e63082d786fb2\"\u003e\u003ccode\u003ec66147c\u003c/code\u003e\u003c/a\u003e Overwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/09cec9fd32aa777ddbf51a115c53f30728eccfbc\"\u003e\u003ccode\u003e09cec9f\u003c/code\u003e\u003c/a\u003e 1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/05ebd34fd5a1cdad950f68fc7429cade7dfd6997\"\u003e\u003ccode\u003e05ebd34\u003c/code\u003e\u003c/a\u003e Add tests for parsing top sites (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6214eaf968d60681f3f7fe76797270332c3569c9\"\u003e\u003ccode\u003e6214eaf\u003c/code\u003e\u003c/a\u003e Add benchmark for \u003ccode\u003eparseSetCookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/247\"\u003e#247\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/71798d72650df42288f74e5ab49b65ec44df74fe\"\u003e\u003ccode\u003e71798d7\u003c/code\u003e\u003c/a\u003e Fix skip over of boolean attributes (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e41cf10c88b45893141f2ee2dc98b23bdb57f24\"\u003e\u003ccode\u003e9e41cf1\u003c/code\u003e\u003c/a\u003e build(deps): bump the npm_and_yarn group across 1 directory with 4 updates (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6fea50679a97f65b5d6e3d291b2dad5816fcfddc\"\u003e\u003ccode\u003e6fea506\u003c/code\u003e\u003c/a\u003e Add parse method for \u003ccode\u003eset-cookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/00b032721c4dc9aeb7d3814ce790eadb4ebde59b\"\u003e\u003ccode\u003e00b0327\u003c/code\u003e\u003c/a\u003e Add side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/94586de038f16960cd5eb91ee499313734b02ab7\"\u003e\u003ccode\u003e94586de\u003c/code\u003e\u003c/a\u003e feat: remove dependabot from repo (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/242\"\u003e#242\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cookie\u0026package-manager=npm_and_yarn\u0026previous-version=0.6.0\u0026new-version=1.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/revati-jp/website/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/revati-jp/website/pull/333","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/revati-jp%2Fwebsite/issues/333","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/333/packages"},{"uuid":"4459323064","node_id":"PR_kwDOKB5zlc7cLueS","number":659,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-16T08:51:17.000Z","updated_at":"2026-05-16T08:56:09.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":2,"packages":[{"name":"cookie","old_version":"0.6.0","new_version":"1.1.1","repository_url":"https://github.com/jshttp/cookie"},{"name":"undici","old_version":"7.18.2","new_version":"8.3.0"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the / directory: [cookie](https://github.com/jshttp/cookie).\n\nUpdates `cookie` from 0.6.0 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOverwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)  c66147c\n\u003cul\u003e\n\u003cli\u003eWhen \u003ccode\u003evalue\u003c/code\u003e was provided in \u003ccode\u003eserialize(key, value, { value })\u003c/code\u003e the value in \u003ccode\u003eoptions\u003c/code\u003e was used instead of the value passed as an argument\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003estringifyCookie\u003c/code\u003e and \u003ccode\u003eparseSetCookie\u003c/code\u003e methods (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/214\"\u003e#214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename existing methods for clarity (old method names remain for backward compatibility)\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eparse\u003c/code\u003e → \u003ccode\u003eparseCookie\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eserialize\u003c/code\u003e → \u003ccode\u003estringifySetCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)  00b0327\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLoosen cookie name/value validation (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: \u003ccode\u003eoptions.priority\u003c/code\u003e used incorrect fallback (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/207\"\u003e#207\u003c/a\u003e) by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd import example to README (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/190\"\u003e#190\u003c/a\u003e) by \u003ca href=\"https://github.com/isnifer\"\u003e\u003ccode\u003e@​isnifer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow case insensitive options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/194\"\u003e#194\u003c/a\u003e)  3bed080\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse modern JS features, ship TypeScript definition (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/175\"\u003e#175\u003c/a\u003e)  1cc64ff\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003e__esModule\u003c/code\u003e marker, imports need to use \u003ccode\u003eimport { parse, serialize }\u003c/code\u003e or \u003ccode\u003eimport * as cookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eMinimum node.js v18\u003c/li\u003e\n\u003cli\u003eUses null prototype object for \u003ccode\u003eparse\u003c/code\u003e return value\u003c/li\u003e\n\u003cli\u003eChanges \u003ccode\u003estrict\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e to match the lower case strings (i.e. \u003ccode\u003elow\u003c/code\u003e, not \u003ccode\u003eLOW\u003c/code\u003e or \u003ccode\u003eLow\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/1b89eec4e33256ac31962f4c0d6e711fff478803\"\u003e\u003ccode\u003e1b89eec\u003c/code\u003e\u003c/a\u003e 1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/c66147c053c74b256287aa7c0a4e63082d786fb2\"\u003e\u003ccode\u003ec66147c\u003c/code\u003e\u003c/a\u003e Overwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/09cec9fd32aa777ddbf51a115c53f30728eccfbc\"\u003e\u003ccode\u003e09cec9f\u003c/code\u003e\u003c/a\u003e 1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/05ebd34fd5a1cdad950f68fc7429cade7dfd6997\"\u003e\u003ccode\u003e05ebd34\u003c/code\u003e\u003c/a\u003e Add tests for parsing top sites (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6214eaf968d60681f3f7fe76797270332c3569c9\"\u003e\u003ccode\u003e6214eaf\u003c/code\u003e\u003c/a\u003e Add benchmark for \u003ccode\u003eparseSetCookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/247\"\u003e#247\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/71798d72650df42288f74e5ab49b65ec44df74fe\"\u003e\u003ccode\u003e71798d7\u003c/code\u003e\u003c/a\u003e Fix skip over of boolean attributes (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e41cf10c88b45893141f2ee2dc98b23bdb57f24\"\u003e\u003ccode\u003e9e41cf1\u003c/code\u003e\u003c/a\u003e build(deps): bump the npm_and_yarn group across 1 directory with 4 updates (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6fea50679a97f65b5d6e3d291b2dad5816fcfddc\"\u003e\u003ccode\u003e6fea506\u003c/code\u003e\u003c/a\u003e Add parse method for \u003ccode\u003eset-cookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/00b032721c4dc9aeb7d3814ce790eadb4ebde59b\"\u003e\u003ccode\u003e00b0327\u003c/code\u003e\u003c/a\u003e Add side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/94586de038f16960cd5eb91ee499313734b02ab7\"\u003e\u003ccode\u003e94586de\u003c/code\u003e\u003c/a\u003e feat: remove dependabot from repo (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/242\"\u003e#242\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `undici` from 7.18.2 to 8.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodejs/undici/releases\"\u003eundici's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: preserve pool capacity after removing stale client by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5151\"\u003enodejs/undici#5151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/github-script from 8.0.0 to 9.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5157\"\u003enodejs/undici#5157\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/upload-artifact from 5.0.0 to 7.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5162\"\u003enodejs/undici#5162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump peter-evans/create-pull-request from 8.1.0 to 8.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5156\"\u003enodejs/undici#5156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(http2): collapse duplicate request stream setup by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5140\"\u003enodejs/undici#5140\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf(client): cache HTTP/2 authority by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5141\"\u003enodejs/undici#5141\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump borp from 0.20.2 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4819\"\u003enodejs/undici#4819\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: add TOpaque to client connect options by \u003ca href=\"https://github.com/samuel871211\"\u003e\u003ccode\u003e@​samuel871211\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4928\"\u003enodejs/undici#4928\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump tinybench from 5.1.0 to 6.0.1 in /benchmarks by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4688\"\u003enodejs/undici#4688\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump codecov/codecov-action from 5.5.1 to 6.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4950\"\u003enodejs/undici#4950\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/dependency-review-action from 4.8.1 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4951\"\u003enodejs/undici#4951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(fetch): add userinfo coverage for issue-4897 URLs by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4901\"\u003enodejs/undici#4901\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf: avoid duplicate pool dispatcher selection on backpressure by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5149\"\u003enodejs/undici#5149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 6.2.0 to 6.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5163\"\u003enodejs/undici#5163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump step-security/harden-runner from 2.14.1 to 2.19.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5160\"\u003enodejs/undici#5160\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump cronometro from 5.3.0 to 6.0.3 in /benchmarks by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4687\"\u003enodejs/undici#4687\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 4.35.1 to 4.35.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5161\"\u003enodejs/undici#5161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4853\"\u003enodejs/undici#4853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump hendrikmuhs/ccache-action from 1.2.22 to 1.2.23 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5158\"\u003enodejs/undici#5158\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/github-action-merge-dependabot from 3.11.2 to 3.12.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5159\"\u003enodejs/undici#5159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump c8 from 10.1.3 to 11.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4854\"\u003enodejs/undici#4854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump uWebSockets.js from v20.64.0 to v20.66.0 in /benchmarks by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5130\"\u003enodejs/undici#5130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: mention install() also installs WebSocket globals by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5174\"\u003enodejs/undici#5174\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: stop interfering with \u003ccode\u003e@​types/node\u003c/code\u003e by \u003ca href=\"https://github.com/Renegade334\"\u003e\u003ccode\u003e@​Renegade334\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5173\"\u003enodejs/undici#5173\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: align h2 empty body content-length methods with h1 by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5172\"\u003enodejs/undici#5172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump fast-check from 4.6.0 to 4.7.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5192\"\u003enodejs/undici#5192\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript from 6.0.2 to 6.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5191\"\u003enodejs/undici#5191\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: move cleanup from finally to after hooks by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5194\"\u003enodejs/undici#5194\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: resolve flaky timeout in issue-3356 by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5188\"\u003enodejs/undici#5188\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSnapshotAgent\u003c/code\u003e: Add \u003ccode\u003enormalizeBody\u003c/code\u003e and \u003ccode\u003enormalizeQuery\u003c/code\u003e by \u003ca href=\"https://github.com/GeoffreyBooth\"\u003e\u003ccode\u003e@​GeoffreyBooth\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5121\"\u003enodejs/undici#5121\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(socks5): use configured connector in Socks5ProxyAgent by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5168\"\u003enodejs/undici#5168\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf(http2): avoid isArray checks for common headers by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5170\"\u003enodejs/undici#5170\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(test): make deduplicate body-streaming test non-flaky by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5196\"\u003enodejs/undici#5196\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(retry): add regression test for RetryAgent + HTTP/2 stream timeout (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5137\"\u003e#5137\u003c/a\u003e) by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5176\"\u003enodejs/undici#5176\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(socks5): preserve dispatch backpressure return value by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5166\"\u003enodejs/undici#5166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf(http2): end zero-length request bodies with headers by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5169\"\u003enodejs/undici#5169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(test): make issue-2898-comment.js assertion robust against flakiness by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5208\"\u003enodejs/undici#5208\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: disable timeouts in h2 high concurrency regression by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5205\"\u003enodejs/undici#5205\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: deflake stream compat coverage by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5209\"\u003enodejs/undici#5209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(dispatcher): remove unreachable assert in writeBlob by \u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5231\"\u003enodejs/undici#5231\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: clean up benchmark resources before worker exit by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5225\"\u003enodejs/undici#5225\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: avoid per-chunk assertions in diagnostics get by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5224\"\u003enodejs/undici#5224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: capture cache test worker stderr and preserve failures by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5206\"\u003enodejs/undici#5206\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: gitignore benchmarks/package-lock.json by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5228\"\u003enodejs/undici#5228\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf(proxy-agent): avoid extra header allocations in auth guard by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5164\"\u003enodejs/undici#5164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(wpt): retry WPT server startup on port conflicts or timeout by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5215\"\u003enodejs/undici#5215\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: make websocket diagnostics ping-pong ordering deterministic by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5222\"\u003enodejs/undici#5222\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(websocket): fix flaky send test by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5232\"\u003enodejs/undici#5232\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/aa33b19549ef5c37b73599a6deba768e85f46f92\"\u003e\u003ccode\u003eaa33b19\u003c/code\u003e\u003c/a\u003e Bumped v8.3.0 (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5305\"\u003e#5305\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/f33a6cb615e1e77fa09fda3cf935632635cdea8c\"\u003e\u003ccode\u003ef33a6cb\u003c/code\u003e\u003c/a\u003e test: fix flaky http2-dispatcher WebSocket upgrade tests (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5304\"\u003e#5304\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/ca0cb16fc1e825c76e2a480101fef2d2732a4fe7\"\u003e\u003ccode\u003eca0cb16\u003c/code\u003e\u003c/a\u003e build(deps): bump uWebSockets.js in /benchmarks (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5299\"\u003e#5299\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/e1f9035d0fdc26db66d8501134ae15e5dab15488\"\u003e\u003ccode\u003ee1f9035\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump jest from 30.3.0 to 30.4.2 (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5297\"\u003e#5297\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/314ba6a2cdd83a5b1e7fcca409cd3a75691a8c00\"\u003e\u003ccode\u003e314ba6a\u003c/code\u003e\u003c/a\u003e perf(client-h2): reuse request upgrade stream handlers (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5293\"\u003e#5293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/be9a544ff7e2e01560ff5201a6d45f7a053a395b\"\u003e\u003ccode\u003ebe9a544\u003c/code\u003e\u003c/a\u003e Add Node 26 to the matrix (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5271\"\u003e#5271\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/45f7bd34a6f7a7912fd9fe0d6ccdcc62524c1637\"\u003e\u003ccode\u003e45f7bd3\u003c/code\u003e\u003c/a\u003e test: retry crashed cache-test workers once (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5294\"\u003e#5294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/08cf765bf8bf47de56fe63237c5a528a1978c0a0\"\u003e\u003ccode\u003e08cf765\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump fast-check from 4.7.0 to 4.8.0 (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5298\"\u003e#5298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/df5ded9ebbda7b2545db45452889dbb85bd22a48\"\u003e\u003ccode\u003edf5ded9\u003c/code\u003e\u003c/a\u003e cache formdata boundary (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5292\"\u003e#5292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/e101dcb27247a5d6718ddfbbbb6e3968403f1f42\"\u003e\u003ccode\u003ee101dcb\u003c/code\u003e\u003c/a\u003e test: include after in parser-issues (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5284\"\u003e#5284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodejs/undici/compare/v7.18.2...v8.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/sdanialraza/sdanialraza/pull/659","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sdanialraza%2Fsdanialraza/issues/659","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/659/packages"},{"uuid":"4457011504","node_id":"PR_kwDOCvT5As7cEjbW","number":9,"state":"open","title":"⬆️ Bump the npm-security-updates group across 1 directory with 30 updates","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-15T21:16:25.000Z","updated_at":"2026-05-15T21:16:26.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"⬆️ Bump","group_name":"npm-security-updates","update_count":30,"packages":[{"name":"@angular/common","old_version":"7.2.14","new_version":"19.2.16","repository_url":"https://github.com/angular/angular"},{"name":"@angular/core","old_version":"7.2.14","new_version":"19.2.20","repository_url":"https://github.com/angular/angular"},{"name":"@angular/compiler","old_version":"7.2.14","new_version":"19.2.18","repository_url":"https://github.com/angular/angular"},{"name":"@babel/traverse","old_version":"7.4.4","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"body-parser","old_version":"1.18.3","new_version":"1.20.5","repository_url":"https://github.com/expressjs/body-parser"},{"name":"express","old_version":"4.16.4","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"browserify-sign","old_version":"4.0.4","new_version":"4.2.5","repository_url":"https://github.com/crypto-browserify/browserify-sign"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"cookie","old_version":"0.3.1","new_version":"0.7.2","repository_url":"https://github.com/jshttp/cookie"},{"name":"follow-redirects","old_version":"1.7.0","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"minimist","old_version":"0.0.8","new_version":"1.2.8","repository_url":"https://github.com/minimistjs/minimist"},{"name":"gh-pages","old_version":"0.12.0","new_version":"6.3.0","repository_url":"https://github.com/tschaub/gh-pages"},{"name":"handlebars","old_version":"4.1.2","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"ip","old_version":"1.1.5","new_version":"removed","repository_url":"https://github.com/indutny/node-ip"},{"name":"js-yaml","old_version":"3.13.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"lodash","old_version":"4.17.11","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm-security-updates group with 16 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@angular/common](https://github.com/angular/angular/tree/HEAD/packages/common) | `7.2.14` | `19.2.16` |\n| [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core) | `7.2.14` | `19.2.20` |\n| [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) | `7.2.14` | `19.2.18` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.4.4` | `7.29.0` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.18.3` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.16.4` | `4.22.2` |\n| [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.5` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [cookie](https://github.com/jshttp/cookie) | `0.3.1` | `0.7.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.7.0` | `1.16.0` |\n| [minimist](https://github.com/minimistjs/minimist) | `0.0.8` | `1.2.8` |\n| [gh-pages](https://github.com/tschaub/gh-pages) | `0.12.0` | `6.3.0` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.1.2` | `4.7.9` |\n| [ip](https://github.com/indutny/node-ip) | `1.1.5` | `removed` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.13.1` | `3.14.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.11` | `4.18.1` |\n\n\nUpdates `@angular/common` from 7.2.14 to 19.2.16\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e@​angular/common's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.16\u003c/h2\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003cimg src=\"https://img.shields.io/badge/05fe6686a9-fix-green\" alt=\"fix - 05fe6686a9\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e@​angular/common's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e19.2.16 (2025-11-26)\u003c/h1\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e05fe6686a9\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e20.3.14 (2025-11-25)\u003c/h1\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f\"\u003e0276479e7d\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.0.1 (2025-11-25)\u003c/h1\u003e\n\u003ch3\u003ecompiler-cli\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/39c577bc362b263896b38c9486131d4342b8f1a8\"\u003e39c577bc36\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edo not type check native controls with ControlValueAccessor\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/8d3a89a477e273b9b2223b6db775955e35105963\"\u003e8d3a89a477\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eescape angular control flow in jsdoc\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/bc34083d349a7d30efb43df97de0509fd85a1996\"\u003ebc34083d34\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eignore non-existent files\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0ea1e071742a031d9afb7a39f8e23082cd88ca2e\"\u003e0ea1e07174\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eapply bootstrap-options migration to \u003ccode\u003eplatformBrowserDynamic\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/70507b8c1ce733b8232a12fa45037ee219b5b102\"\u003e70507b8c1c\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edebug data causing memory leak for root effects\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/a55482fca3b7e4f39d95f8ff236b6619e59b8190\"\u003ea55482fca3\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003enotify profiler events in case of errors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/49ad7c650818ee7db321a24c89282dbf9bb250f3\"\u003e49ad7c6508\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003euse injected \u003ccode\u003eDOCUMENT\u003c/code\u003e for \u003ccode\u003eCSP_NONCE\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cc1ec099315b0f429d0b0f07c9b1bf686668db6b\"\u003ecc1ec09931\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eperf\u003c/td\u003e\n\u003ctd\u003eavoid repeat searches for field directive\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eforms\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7d5c7cf99aa5c6490f8bea950b04bd56073582a1\"\u003e7d5c7cf99a\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efeat\u003c/td\u003e\n\u003ctd\u003eadd DI option for classes on \u003ccode\u003eField\u003c/code\u003e directive\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/8acf5d27563ec51cc76971732d50e1f4142a3fe3\"\u003e8acf5d2756\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow dynamic \u003ccode\u003etype\u003c/code\u003e bindings on signal form controls\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003ccode\u003e05fe668\u003c/code\u003e\u003c/a\u003e fix(http): prevent XSRF token leakage to protocol-relative URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/12e2302a0425f3a2b09cb00d743cbdb099a5eb31\"\u003e\u003ccode\u003e12e2302\u003c/code\u003e\u003c/a\u003e build: update common's locales to use rules_js (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61630\"\u003e#61630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/9701047b9f41175a498b8bb35563e2ed277b83e1\"\u003e\u003ccode\u003e9701047\u003c/code\u003e\u003c/a\u003e test(common): Add circular deps test to 19.2.x (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61651\"\u003e#61651\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/2c876b4fc5d89ce925b1403e239c7d162e39346b\"\u003e\u003ccode\u003e2c876b4\u003c/code\u003e\u003c/a\u003e fix(common): avoid injecting ApplicationRef in FetchBackend (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61649\"\u003e#61649\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/8e54b5773f8f74bdd2e2c0a4c89c84543c99b834\"\u003e\u003ccode\u003e8e54b57\u003c/code\u003e\u003c/a\u003e build: move private testing helpers outside \u003ccode\u003eplatform-browser/testing\u003c/code\u003e (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61571\"\u003e#61571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/2b1b14f4d3751b9b3c351ddc412ecdcb2aea4781\"\u003e\u003ccode\u003e2b1b14f\u003c/code\u003e\u003c/a\u003e fix(core): cleanup \u003ccode\u003erxResource\u003c/code\u003e abort listener (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/58306\"\u003e#58306\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/126efc9972e18806e71977d51a55f8ec2f0514d6\"\u003e\u003ccode\u003e126efc9\u003c/code\u003e\u003c/a\u003e fix(common): cancel reader when app is destroyed (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61528\"\u003e#61528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/efda8724535a8560a64b28cc2bf81df5931af686\"\u003e\u003ccode\u003eefda872\u003c/code\u003e\u003c/a\u003e fix(common): prevent reading chunks if app is destroyed (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61354\"\u003e#61354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/c43fd3a39c8d7b6ab23037a87456f6acfb4eb08f\"\u003e\u003ccode\u003ec43fd3a\u003c/code\u003e\u003c/a\u003e build: migrate common to use rules_js based toolchain (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61434\"\u003e#61434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/185b7801ee0eede67f0ca5a501833eb4f392098b\"\u003e\u003ccode\u003e185b780\u003c/code\u003e\u003c/a\u003e build: migrate \u003ccode\u003epackages/core/schematics\u003c/code\u003e to \u003ccode\u003ets_project\u003c/code\u003e (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61420\"\u003e#61420\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/19.2.16/packages/common\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~google-wombot\"\u003egoogle-wombot\u003c/a\u003e, a new releaser for \u003ccode\u003e@​angular/common\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@angular/core` from 7.2.14 to 19.2.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e@​angular/core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.20\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5be912eb55fe88e8621e2ce82470d51b7d950ceb\"\u003e\u003cimg src=\"https://img.shields.io/badge/5be912eb55-fix-green\" alt=\"fix - 5be912eb55\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b89b0a83a4d21bbb6f8534bbf56aece12af24595\"\u003e\u003cimg src=\"https://img.shields.io/badge/b89b0a83a4-fix-green\" alt=\"fix - b89b0a83a4\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize translated attribute bindings with interpolations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/621c7071adffbe5dd45a5c954b6b6138e0870844\"\u003e\u003cimg src=\"https://img.shields.io/badge/621c7071ad-fix-green\" alt=\"fix - 621c7071ad\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.19\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/747548721d051c21e388a302d20d53fb3ab16367\"\u003e\u003cimg src=\"https://img.shields.io/badge/747548721d-fix-green\" alt=\"fix - 747548721d\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eblock creation of sensitive URI attributes from ICU messages\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAngular now only applies known attributes from HTML in translated ICU content. Unknown attributes are dropped and not rendered.\u003c/p\u003e\n\u003cp\u003e(cherry picked from commit 03da204b6daa5e4583e0d0968c2107390bbd8235)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.18\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003cimg src=\"https://img.shields.io/badge/26cdc53d9c-fix-green\" alt=\"fix - 26cdc53d9c\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.17\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003cimg src=\"https://img.shields.io/badge/7c42e2ebeb-fix-green\" alt=\"fix - 7c42e2ebeb\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.16\u003c/h2\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003cimg src=\"https://img.shields.io/badge/05fe6686a9-fix-green\" alt=\"fix - 05fe6686a9\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e@​angular/core's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e19.2.20 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5be912eb55fe88e8621e2ce82470d51b7d950ceb\"\u003e5be912eb55\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b89b0a83a4d21bbb6f8534bbf56aece12af24595\"\u003eb89b0a83a4\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated attribute bindings with interpolations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/621c7071adffbe5dd45a5c954b6b6138e0870844\"\u003e621c7071ad\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e20.3.18 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/02fbf08890ec6ac2efb6c2ec4f17e56497cb81d2\"\u003e02fbf08890\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/72126f9a08c185a9b93461bab67841c4e84c9b17\"\u003e72126f9a08\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated attribute bindings with interpolations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/626bc8bc20e485cad2094c4a5d9417fb9a71dda8\"\u003e626bc8bc20\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e22.0.0-next.3 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/78dea55351fb305b33a919c43a6b363137eca166\"\u003e78dea55351\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/999c14eaab981d12bf2b1d9b1fd6766157f7b1cc\"\u003e999c14eaab\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ereverts \u0026quot;feat(core): add support for nested animations\u0026quot;\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/de0eb4c6566011e1a34d529a273ec3d5b6bf17d5\"\u003ede0eb4c656\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.2.4 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ed2d324f9cc12aab6cfa0569ef10b73243a62c65\"\u003eed2d324f9c\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/621c7071adffbe5dd45a5c954b6b6138e0870844\"\u003e\u003ccode\u003e621c707\u003c/code\u003e\u003c/a\u003e fix(core): sanitize translated form attributes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/b89b0a83a4d21bbb6f8534bbf56aece12af24595\"\u003e\u003ccode\u003eb89b0a8\u003c/code\u003e\u003c/a\u003e fix(core): sanitize translated attribute bindings with interpolations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/747548721d051c21e388a302d20d53fb3ab16367\"\u003e\u003ccode\u003e7475487\u003c/code\u003e\u003c/a\u003e fix(core): block creation of sensitive URI attributes from ICU messages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003ccode\u003e26cdc53\u003c/code\u003e\u003c/a\u003e fix(core): sanitize sensitive attributes on SVG script elements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003ccode\u003e7c42e2e\u003c/code\u003e\u003c/a\u003e fix(compiler): prevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/70d0639bc19e376af1a0491898f54a026d3227e2\"\u003e\u003ccode\u003e70d0639\u003c/code\u003e\u003c/a\u003e fix(core): introduce \u003ccode\u003eBootstrapContext\u003c/code\u003e for improved server bootstrapping (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/6\"\u003e#6\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/73d3e001d2a2fa3218d769c0834c12a762d86882\"\u003e\u003ccode\u003e73d3e00\u003c/code\u003e\u003c/a\u003e build: fix failing test (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/61683\"\u003e#61683\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/9e1cd4966202d89c7310ab84c50b2c4231a0213e\"\u003e\u003ccode\u003e9e1cd49\u003c/code\u003e\u003c/a\u003e fix(migrations): preserve comments when removing unused imports (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/61674\"\u003e#61674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/a6d5479cc75a91447daf3877d62b68a5740d3c74\"\u003e\u003ccode\u003ea6d5479\u003c/code\u003e\u003c/a\u003e build: migrate platform-server to rules_js (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/61619\"\u003e#61619\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/2a269449745c836e4b99215e36ea10fbe87e9e21\"\u003e\u003ccode\u003e2a26944\u003c/code\u003e\u003c/a\u003e build: migrate platform-browser and platform-browser-dynamic package to use r...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/v19.2.20/packages/core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~google-wombot\"\u003egoogle-wombot\u003c/a\u003e, a new releaser for \u003ccode\u003e@​angular/core\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@angular/compiler` from 7.2.14 to 19.2.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e@​angular/compiler's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.18\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003cimg src=\"https://img.shields.io/badge/26cdc53d9c-fix-green\" alt=\"fix - 26cdc53d9c\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.17\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003cimg src=\"https://img.shields.io/badge/7c42e2ebeb-fix-green\" alt=\"fix - 7c42e2ebeb\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.16\u003c/h2\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003cimg src=\"https://img.shields.io/badge/05fe6686a9-fix-green\" alt=\"fix - 05fe6686a9\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e@​angular/compiler's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e19.2.18 (2026-01-07)\u003c/h1\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e26cdc53d9c\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.0.7 (2026-01-07)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/8e808740c9311daa0f1c9bab8596ed5e54bdcc6a\"\u003e8e808740c9\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ebetter types for a few expression AST nodes\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/63b1cdcf70e6de448e8fa4ba1732d7bd7b5400d1\"\u003e63b1cdcf70\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eproduce accurate span for typeof and void expressions\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/3c3ae0cb64bb112d7167fd9b0bf7739f0c9e6a39\"\u003e3c3ae0cb64\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprovide location information for literal map keys\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/523dbaf1c3646ce27f1cf2e4cfc84c730fea8da9\"\u003e523dbaf1c3\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003estop ThisReceiver inheritance from ImplicitReceiver\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecompiler-cli\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/4d9c4567edfb8dd424a3336ef54ffdfc6ca7c15f\"\u003e4d9c4567ed\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eensure component import diagnostics are reported within the \u003ccode\u003eimports\u003c/code\u003e expression\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cd405685afbfad530de7fb841ad352d2b702a9a4\"\u003ecd405685af\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003efix up spelling of diagnostic\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/778460fccac13d8667bb53fa24ba977a930c0253\"\u003e778460fcca\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esupport qualified names in \u003ccode\u003etypeof\u003c/code\u003e type references\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c74674eb07491f808f79976e3e21787a841aefb\"\u003e7c74674eb0\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eavoid leaking view data in animations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0edbee4550e85b933e9bd2ba3c5511ef6fbf7304\"\u003e0edbee4550\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eexplicitly cast signal node value to String\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/f9c29572d28feef878c73edad562b3a6451825a6\"\u003ef9c29572d2\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eforms\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/e3fba182f90a2673040cf267a970c54c07d4840f\"\u003ee3fba182f9\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efeat\u003c/td\u003e\n\u003ctd\u003eadd \u003ccode\u003e[formField]\u003c/code\u003e directive\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/561772b152458e1d91d4bf3ef45d9645a731f2b1\"\u003e561772b152\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow custom controls to require \u003ccode\u003edirty\u003c/code\u003e input\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/f0fb1d8581671ca499bcb4790b0549825eb36a91\"\u003ef0fb1d8581\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow custom controls to require \u003ccode\u003ehidden\u003c/code\u003e input\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ec110f170bbba95f023c8ae0e4429c35bfedc572\"\u003eec110f170b\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow custom controls to require \u003ccode\u003epending\u003c/code\u003e input\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ae1dc16bb0d30b6e87b0f98b7989e6685d856e31\"\u003eae1dc16bb0\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eclean up abort listener after timeout\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/9748b0d5da6ffb1fd2498b23cc452240f46e0549\"\u003e9748b0d5da\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esupport custom controls with non signal-based models\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/6bd22df987e433a9e3cb759e35eb6403991cf4b7\"\u003e6bd22df987\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eSupport readonly arrays in signal forms\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003erouter\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/41cd4a6af800cf7807c46862c99ae036457d8fa7\"\u003e41cd4a6af8\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eFix RouterLink href not updating with \u003ccode\u003equeryParamsHandling\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5e9e09aee0c08901d2a4d48b60bd13692c73e76e\"\u003e5e9e09aee0\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ehandle errors from view transition \u003ccode\u003eupdateCallbackDone\u003c/code\u003e promise\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.0.6 (2025-12-17)\u003c/h1\u003e\n\u003ch2\u003eBreaking Changes (affecting only experimental features)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003ccode\u003e26cdc53\u003c/code\u003e\u003c/a\u003e fix(core): sanitize sensitive attributes on SVG script elements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003ccode\u003e7c42e2e\u003c/code\u003e\u003c/a\u003e fix(compiler): prevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/24bab55f0c89c4fe6037780fd7b2e8c8aa5429b2\"\u003e\u003ccode\u003e24bab55\u003c/code\u003e\u003c/a\u003e fix(compiler): lexer support for template literals in object literals (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61601\"\u003e#61601\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/fc2483e7e96f8a26293f6862cbd27417b4e40809\"\u003e\u003ccode\u003efc2483e\u003c/code\u003e\u003c/a\u003e refactor(compiler): avoid duplication between \u003ccode\u003eFactoryTarget\u003c/code\u003e type (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61571\"\u003e#61571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/8e54b5773f8f74bdd2e2c0a4c89c84543c99b834\"\u003e\u003ccode\u003e8e54b57\u003c/code\u003e\u003c/a\u003e build: move private testing helpers outside \u003ccode\u003eplatform-browser/testing\u003c/code\u003e (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61571\"\u003e#61571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/44bb328eaea028524206d0d2b9f12702c9bf3861\"\u003e\u003ccode\u003e44bb328\u003c/code\u003e\u003c/a\u003e fix(compiler): avoid conflicts between HMR code and local symbols (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61550\"\u003e#61550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/1007079aeea013291900109c86fab36c9cac50c4\"\u003e\u003ccode\u003e1007079\u003c/code\u003e\u003c/a\u003e build: update compiler-cli to not be stamped when used for the compiler in ng...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/0d025c5013292fdba65d91982ae8aaee61583d57\"\u003e\u003ccode\u003e0d025c5\u003c/code\u003e\u003c/a\u003e build: support new \u003ccode\u003eng_project\u003c/code\u003e rule (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61336\"\u003e#61336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/899cb4ab49e284185f2093f2b48f1adba8cb3d47\"\u003e\u003ccode\u003e899cb4a\u003c/code\u003e\u003c/a\u003e refactor: add explicit types for exports relying on inferred call return type...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/1312eb1600648c94a0063667c2095165462f27ef\"\u003e\u003ccode\u003e1312eb1\u003c/code\u003e\u003c/a\u003e build: remove irrelevant madge circular deps tests (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61209\"\u003e#61209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/v19.2.18/packages/compiler\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~google-wombot\"\u003egoogle-wombot\u003c/a\u003e, a new releaser for \u003ccode\u003e@​angular/compiler\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.4.4 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/traverse's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 1.18.3 to 1.20.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.20.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThe reason for this release is a fix to the extended urlencoded parser returning objects instead of arrays for large array inputs (\u0026gt; 100) on qs@6.14.2+. (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/692\"\u003eexpressjs/body-parser#692\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: correct off-by-one error in parameterCount by \u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps(qs): bump qs to 6.15.1 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/722\"\u003eexpressjs/body-parser#722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.5 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/721\"\u003eexpressjs/body-parser#721\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSpecial thanks to triager \u003ca href=\"https://github.com/krzysdz\"\u003e\u003ccode\u003e@​krzysdz\u003c/code\u003e\u003c/a\u003e for keeping this on our radar and effectively triaging the specific issue!\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove redundant depth check by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/538\"\u003eexpressjs/body-parser#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js v23 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/553\"\u003eexpressjs/body-parser#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: restore CI for 1.x branch by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/665\"\u003eexpressjs/body-parser#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.0 by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/664\"\u003eexpressjs/body-parser#664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/668\"\u003eexpressjs/body-parser#668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove SECURITY.md by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/669\"\u003eexpressjs/body-parser#669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add CodeQL (SAST) by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/670\"\u003eexpressjs/body-parser#670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.4 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/672\"\u003eexpressjs/body-parser#672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eImportant\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eIMPORTANT:\u003c/strong\u003e The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e). \u003ca href=\"https://github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth\"\u003eDocumentation\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: add support for OSSF scorecard reporting by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/522\"\u003eexpressjs/body-parser#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: fix errors in ci github action for node 8 and 9 by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/523\"\u003eexpressjs/body-parser#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: pin to node@22.4.1 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/527\"\u003eexpressjs/body-parser#527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.12.3 by \u003ca href=\"https://github.com/melikhov-dev\"\u003e\u003ccode\u003e@​melikhov-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/521\"\u003eexpressjs/body-parser#521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd OSSF Scorecard badge by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/531\"\u003eexpressjs/body-parser#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLinter by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/534\"\u003eexpressjs/body-parser#534\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/535\"\u003eexpressjs/body-parser#535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/1.20.5/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.20.5 / 2026-04-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003cli\u003efix: extended urlencoded parsing of arrays with \u0026gt;100 elements (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.4 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@~6.14.0\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: raw-body@~2.5.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.3 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.2 / 2023-02-21\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix strict json error message on Node.js 19+\u003c/li\u003e\n\u003cli\u003edeps: content-type@~1.0.5\n\u003cul\u003e\n\u003cli\u003eperf: skip value escaping when unnecessary\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: raw-body@2.5.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.1 / 2022-10-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.11.0\u003c/li\u003e\n\u003cli\u003eperf: remove unnecessary object clone\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.0 / 2022-04-02\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix error message for json parse whitespace in \u003ccode\u003estrict\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix internal error when inflated body exceeds limit\u003c/li\u003e\n\u003cli\u003ePrevent loss of async hooks context\u003c/li\u003e\n\u003cli\u003ePrevent hanging when request already read\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\n\u003cul\u003e\n\u003cli\u003eReplace internal \u003ccode\u003eeval\u003c/code\u003e usage with \u003ccode\u003eFunction\u003c/code\u003e constructor\u003c/li\u003e\n\u003cli\u003eUse instance methods on \u003ccode\u003eprocess\u003c/code\u003e to check for listeners\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\n\u003cul\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.10.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/0defdbe7f95ad0d3bc007d3a7c59c8c0ab9e6575\"\u003e\u003ccode\u003e0defdbe\u003c/code\u003e\u003c/a\u003e release(patch): 1.20.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/cd0e7a000c53e7be7262d303e57a352b6a00db7f\"\u003e\u003ccode\u003ecd0e7a0\u003c/code\u003e\u003c/a\u003e deps(qs): bump qs to 6.15.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6f24d7e8bcd9860b136920926ce86da1a7dd1d51\"\u003e\u003ccode\u003e6f24d7e\u003c/code\u003e\u003c/a\u003e fix: correct off-by-one error in parameterCount (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b849bd533d8b4abf5576a3e301f28d9befa05ddd\"\u003e\u003ccode\u003eb849bd5\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/690\"\u003e#690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2c55e2f712f320a8e8d0f9fcb1d06526d0e401c9\"\u003e\u003ccode\u003e2c55e2f\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/7db202cac84a001e6566c2dc6516b44db98beff3\"\u003e\u003ccode\u003e7db202c\u003c/code\u003e\u003c/a\u003e 1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/672\"\u003e#672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d8f8adb898676dfdf997b4455e5f9b689b53e989\"\u003e\u003ccode\u003ed8f8adb\u003c/code\u003e\u003c/a\u003e ci: add CodeQL (SAST) (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6d133c19b3e7c0bb8301959ca1dba283d23d23c3\"\u003e\u003ccode\u003e6d133c1\u003c/code\u003e\u003c/a\u003e chore: remove SECURITY.md (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/669\"\u003e#669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/fcd15355041ada6f37288dd13858d50429016b66\"\u003e\u003ccode\u003efcd1535\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/668\"\u003e#668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ec5fa290d25d85e0049757e240249072331eaee6\"\u003e\u003ccode\u003eec5fa29\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/664\"\u003e#664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.18.3...1.20.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for body-parser since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.16.4 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.16.4...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `browserify-sign` from 4.0.4 to 4.2.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md\"\u003ebrowserify-sign's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.4...v4.2.5\"\u003ev4.2.5\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] clean up tests and convert console info skips to tape skips \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37b083c602fb6fcd99e0856cba8859dc6f073f3c\"\u003e\u003ccode\u003e37b083c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] restore node 0.10 support \u003ca href=\"https://github.com/browserify/browserify-sign/commit/faade86fe051fc0fb1b59e3694a566116e1e79a7\"\u003e\u003ccode\u003efaade86\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5a0f159e1d32b5c1088a75dceb301afaf40446f9\"\u003e\u003ccode\u003e5a0f159\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] drop unsupported nodes from CI \u003ca href=\"https://github.com/browserify/browserify-sign/commit/106be97da87f296f187c44b9ee857384153b5068\"\u003e\u003ccode\u003e106be97\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.3...v4.2.4\"\u003ev4.2.4\u003c/a\u003e - 2025-09-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[actions] split out node 10-20, and 20+ \u003ca href=\"https://github.com/browserify/browserify-sign/commit/17920d944f04efee7ae2212e4339485ba306b723\"\u003e\u003ccode\u003e17920d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove \u003ccode\u003efiles\u003c/code\u003e field \u003ca href=\"https://github.com/browserify/browserify-sign/commit/6d5b280e0496201ba022874c864b0046a74eb45e\"\u003e\u003ccode\u003e6d5b280\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ebn.js\u003c/code\u003e, \u003ccode\u003ebrowserify-rsa\u003c/code\u003e, \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/31be0c2459e1aad5158f72576c057603bf8527b6\"\u003e\u003ccode\u003e31be0c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003esemver\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5f6698211aa1d6dddaba8c245f40f63ae28924a3\"\u003e\u003ccode\u003e5f66982\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] replace \u003ccode\u003eaud\u003c/code\u003e with \u003ccode\u003enpm audit\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d44b24d8691d699ccc76780b106fe9c1bf0d1558\"\u003e\u003ccode\u003ed44b24d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/browserify-sign/commit/ab975f4845ea5c931df037e7f0df60f045335ae7\"\u003e\u003ccode\u003eab975f4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] revert 9e2bf12, now that v3.1.1 is out \u003ca href=\"https://github.com/browserify/browserify-sign/commit/428cf7f3f0d09f1b39312e5e51620ca684b5c1ac\"\u003e\u003ccode\u003e428cf7f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.2...v4.2.3\"\u003ev4.2.3\u003c/a\u003e - 2024-03-05\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[patch] widen support to 0.12 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9247adfd261ededfec1c036c9d8f36c4e9f87c0e\"\u003e\u003ccode\u003e9247adf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[patch] drop minimum node support to v1 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/4d0ee49ae2dc238b877dce9aed7e23fb4cb5088d\"\u003e\u003ccode\u003e4d0ee49\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eaud\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/87f3a35a587b377da2c1987af8d41c57b5afe0a5\"\u003e\u003ccode\u003e87f3a35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] remove redundant finisher \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37a475856843b7d1b2403fdafac0024ba252e579\"\u003e\u003ccode\u003e37a4758\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003ehash-base\u003c/code\u003e to ~3.0, due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9e2bf122b70970cb92f69d53e963f18299f14d66\"\u003e\u003ccode\u003e9e2bf12\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1 [\u003c/code\u003ef427270`](\u003ca href=\"https://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\"\u003ehttps://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/fb261cea57f92b3d98bc4d8bc6228c43a5de2e91\"\u003e\u003ccode\u003efb261ce\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003eelliptic\u003c/code\u003e due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/168e16fcb54886a0281b0c983e1482a097042684\"\u003e\u003ccode\u003e168e16f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.1...v4.2.2\"\u003ev4.2.2\u003c/a\u003e - 2023-10-25\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] log when openssl doesn't support cipher \u003ca href=\"https://redirect.github.com/browserify/browserify-sign/issues/37\"\u003e\u003ccode\u003e[#37](https://github.com/crypto-browserify/browserify-sign/issues/37)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/browserify-sign/commit/09a89959393b3c89fedd4f7f3bafa4fec44371d7\"\u003e\u003ccode\u003e09a8995\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] switch to eslint \u003ca href=\"https://github.com/browserify/browserify-sign/commit/83fe46374b819e959d56d2c0b931308f7451a664\"\u003e\u003ccode\u003e83fe463\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/44181838e7dcc4d5d0c568f74312ea28f0bcdfd5\"\u003e\u003ccode\u003e4418183\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9ac5a5eaaac8a11eb70ec2febd13745c8764ae02\"\u003e\u003ccode\u003e9ac5a5e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to github actions \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d845d855def38e2085d5a21e447a48300f99fa60\"\u003e\u003ccode\u003ed845d85\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003esign\u003c/code\u003e: throw on unsupported padding scheme \u003ca href=\"https://github.com/browserify/browserify-sign/commit/8767739a4516289568bcce9fed8a3b7e23478de9\"\u003e\u003ccode\u003e8767739\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] properly check the upper bound for DSA signatures \u003ca href=\"https:...\n\n_Description has been truncated_","html_url":"https://github.com/servrox/ionic4-device-motion/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/servrox%2Fionic4-device-motion/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"},{"uuid":"4450304816","node_id":"PR_kwDOLnV1v87bu_RQ","number":1141,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 8 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-05-15T00:31:05.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-15T00:30:58.000Z","updated_at":"2026-05-15T00:31:13.000Z","time_to_close":7,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":8,"packages":[{"name":"mdast-util-to-hast","old_version":"13.2.0","new_version":"13.2.1","repository_url":"https://github.com/syntax-tree/mdast-util-to-hast"},{"name":"vite","old_version":"5.4.19","new_version":"8.0.13","repository_url":"https://github.com/vitejs/vite"},{"name":"vite","old_version":"5.4.21","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"},{"name":"dompurify","old_version":"3.3.3","new_version":"3.4.0","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"svelte","old_version":"5.55.1","new_version":"5.55.7","repository_url":"https://github.com/sveltejs/svelte"},{"name":"cookie","old_version":"0.6.0","new_version":"1.1.1","repository_url":"https://github.com/jshttp/cookie"},{"name":"devalue","old_version":"5.6.4","new_version":"5.8.1"},{"name":"picomatch","old_version":"4.0.3","new_version":"4.0.4"},{"name":"protocol-buffers-schema","old_version":"3.6.0","new_version":"3.6.1"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the /documentation directory: [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast).\nBumps the npm_and_yarn group with 4 updates in the /frontend directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite), [dompurify](https://github.com/cure53/DOMPurify), [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte) and [cookie](https://github.com/jshttp/cookie).\n\nUpdates `mdast-util-to-hast` from 13.2.0 to 13.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/releases\"\u003emdast-util-to-hast's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e13.2.1\u003c/h2\u003e\n\u003ch4\u003eFix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eab3a795 Fix support for spaces in class names\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eTypes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eefb5312 Refactor to use \u003ccode\u003e@import\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003ea5bc210 Add declaration maps\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/compare/13.2.0...13.2.1\"\u003ehttps://github.com/syntax-tree/mdast-util-to-hast/compare/13.2.0...13.2.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/174795b21f7757fffb54dd8d5fb4012f4751f791\"\u003e\u003ccode\u003e174795b\u003c/code\u003e\u003c/a\u003e 13.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/3d05b3a715133df55689fe3753c2e47101315b4e\"\u003e\u003ccode\u003e3d05b3a\u003c/code\u003e\u003c/a\u003e Update Node in Actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/ab3a79570a1afbfa7efef5d4a0cd9b5caafbc5d7\"\u003e\u003ccode\u003eab3a795\u003c/code\u003e\u003c/a\u003e Fix support for spaces in class names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/efb531231020055e0dab7b39a18d80b569d5b566\"\u003e\u003ccode\u003eefb5312\u003c/code\u003e\u003c/a\u003e Refactor to use \u003ccode\u003e@import\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/a5bc210f1aa308e4c6141ac374893c9237fcd746\"\u003e\u003ccode\u003ea5bc210\u003c/code\u003e\u003c/a\u003e Add declaration maps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/b54955d4e123b0167eac13646333c809bb8f301c\"\u003e\u003ccode\u003eb54955d\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003e.tsbuildinfo\u003c/code\u003e to \u003ccode\u003e.gitignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/compare/13.2.0...13.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 5.4.19 to 8.0.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.4.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.4.1\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.1/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.4.0\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.0/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.3.7\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.3.7/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.3.6\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.3.6/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.4.2 (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163\"\u003e#22163\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b\"\u003efe28e47\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22163\"\u003e#22163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b\"\u003eca4da5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22161\"\u003e#22161\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.4.1 (2025-10-20)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969\"\u003e#20969\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8\"\u003e1114b5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20968\"\u003e#20968\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20969\"\u003e#20969\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.4.0 (2025-10-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow passing down resolved config to vite's createServer (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932\"\u003e#20932\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a\"\u003eca6455e\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20932\"\u003e#20932\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.7 (2025-10-14)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940\"\u003e#20940\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff\"\u003ec59a222\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20940\"\u003e#20940\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.6 (2025-09-08)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/0ab19ea9fcb66f544328f442cf6e70f7c0528d5f\"\u003e0ab19ea\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20736\"\u003e#20736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: upgrade sirv to 3.0.2 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20735\"\u003e#20735\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/e11d24008b97d4ca731ecc1a3b95260a6d12e7e0\"\u003ee11d240\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20735\"\u003e#20735\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: detect ts support via \u003ccode\u003eprocess.features\u003c/code\u003e (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20544\"\u003e#20544\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/7d9922972b62329d37a71d4da5a4a382d0bf8a79\"\u003e7d99229\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20544\"\u003e#20544\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.5 (2025-05-05)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(ssr): handle uninitialized export access as undefined (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19959\"\u003e#19959\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/fd38d076fe2455aac1e00a7b15cd51159bf12bb5\"\u003efd38d07\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19959\"\u003e#19959\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.4 (2025-04-30)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c22c43de612eebb6c182dd67850c24e4fab8cacb\"\u003ec22c43d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19965\"\u003e#19965\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(optimizer): return plain object when using \u003ccode\u003erequire\u003c/code\u003e to import externals in optimized dependenci (\u003ca href=\"https://github.com/vitejs/vite/commit/efc5eab253419fde0a6a48b8d2f233063d6a9643\"\u003eefc5eab\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19940\"\u003e#19940\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: remove duplicate plugin context type (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19935\"\u003e#19935\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/d6d01c2292fa4f9603e05b95d81c8724314c20e0\"\u003ed6d01c2\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19935\"\u003e#19935\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.3 (2025-04-24)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: ignore malformed uris in tranform middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19853\"\u003e#19853\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/e4d520141bcd83ad61f16767348b4a813bf9340a\"\u003ee4d5201\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19853\"\u003e#19853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/6b3fad02abd550bd7b79934ff92c58dbd7f33045\"\u003e\u003ccode\u003e6b3fad0\u003c/code\u003e\u003c/a\u003e release: v6.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b\"\u003e\u003ccode\u003eca4da5d\u003c/code\u003e\u003c/a\u003e fix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b\"\u003e\u003ccode\u003efe28e47\u003c/code\u003e\u003c/a\u003e fix: apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163\"\u003e#22163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/5487f4f641f70c47ea05fd101a4319897df048b3\"\u003e\u003ccode\u003e5487f4f\u003c/code\u003e\u003c/a\u003e release: v6.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8\"\u003e\u003ccode\u003e1114b5d\u003c/code\u003e\u003c/a\u003e fix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969\"\u003e#20969\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f12697c0f64b9a37196b9ab218a0911829d5b103\"\u003e\u003ccode\u003ef12697c\u003c/code\u003e\u003c/a\u003e release: v6.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a\"\u003e\u003ccode\u003eca6455e\u003c/code\u003e\u003c/a\u003e feat: allow passing down resolved config to vite's createServer (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932\"\u003e#20932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/0e173d83681daa31be10fa8a62d56b1ec84690af\"\u003e\u003ccode\u003e0e173d8\u003c/code\u003e\u003c/a\u003e release: v6.3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff\"\u003e\u003ccode\u003ec59a222\u003c/code\u003e\u003c/a\u003e fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940\"\u003e#20940\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/3f337c5e24504e51188d29c970de1416ee523dbb\"\u003e\u003ccode\u003e3f337c5\u003c/code\u003e\u003c/a\u003e release: v6.3.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v6.4.2/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 5.4.21 to 6.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.4.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.4.1\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.1/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.4.0\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.0/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.3.7\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.3.7/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.3.6\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.3.6/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.4.2 (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163\"\u003e#22163\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b\"\u003efe28e47\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22163\"\u003e#22163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b\"\u003eca4da5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22161\"\u003e#22161\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.4.1 (2025-10-20)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969\"\u003e#20969\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8\"\u003e1114b5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20968\"\u003e#20968\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20969\"\u003e#20969\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.4.0 (2025-10-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow passing down resolved config to vite's createServer (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932\"\u003e#20932\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a\"\u003eca6455e\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20932\"\u003e#20932\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.7 (2025-10-14)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940\"\u003e#20940\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff\"\u003ec59a222\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20940\"\u003e#20940\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.6 (2025-09-08)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/0ab19ea9fcb66f544328f442cf6e70f7c0528d5f\"\u003e0ab19ea\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20736\"\u003e#20736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: upgrade sirv to 3.0.2 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20735\"\u003e#20735\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/e11d24008b97d4ca731ecc1a3b95260a6d12e7e0\"\u003ee11d240\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20735\"\u003e#20735\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: detect ts support via \u003ccode\u003eprocess.features\u003c/code\u003e (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20544\"\u003e#20544\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/7d9922972b62329d37a71d4da5a4a382d0bf8a79\"\u003e7d99229\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20544\"\u003e#20544\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.5 (2025-05-05)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(ssr): handle uninitialized export access as undefined (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19959\"\u003e#19959\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/fd38d076fe2455aac1e00a7b15cd51159bf12bb5\"\u003efd38d07\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19959\"\u003e#19959\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.4 (2025-04-30)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c22c43de612eebb6c182dd67850c24e4fab8cacb\"\u003ec22c43d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19965\"\u003e#19965\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(optimizer): return plain object when using \u003ccode\u003erequire\u003c/code\u003e to import externals in optimized dependenci (\u003ca href=\"https://github.com/vitejs/vite/commit/efc5eab253419fde0a6a48b8d2f233063d6a9643\"\u003eefc5eab\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19940\"\u003e#19940\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: remove duplicate plugin context type (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19935\"\u003e#19935\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/d6d01c2292fa4f9603e05b95d81c8724314c20e0\"\u003ed6d01c2\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19935\"\u003e#19935\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.3 (2025-04-24)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: ignore malformed uris in tranform middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19853\"\u003e#19853\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/e4d520141bcd83ad61f16767348b4a813bf9340a\"\u003ee4d5201\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19853\"\u003e#19853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/6b3fad02abd550bd7b79934ff92c58dbd7f33045\"\u003e\u003ccode\u003e6b3fad0\u003c/code\u003e\u003c/a\u003e release: v6.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b\"\u003e\u003ccode\u003eca4da5d\u003c/code\u003e\u003c/a\u003e fix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b\"\u003e\u003ccode\u003efe28e47\u003c/code\u003e\u003c/a\u003e fix: apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163\"\u003e#22163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/5487f4f641f70c47ea05fd101a4319897df048b3\"\u003e\u003ccode\u003e5487f4f\u003c/code\u003e\u003c/a\u003e release: v6.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8\"\u003e\u003ccode\u003e1114b5d\u003c/code\u003e\u003c/a\u003e fix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969\"\u003e#20969\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f12697c0f64b9a37196b9ab218a0911829d5b103\"\u003e\u003ccode\u003ef12697c\u003c/code\u003e\u003c/a\u003e release: v6.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a\"\u003e\u003ccode\u003eca6455e\u003c/code\u003e\u003c/a\u003e feat: allow passing down resolved config to vite's createServer (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932\"\u003e#20932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/0e173d83681daa31be10fa8a62d56b1ec84690af\"\u003e\u003ccode\u003e0e173d8\u003c/code\u003e\u003c/a\u003e release: v6.3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff\"\u003e\u003ccode\u003ec59a222\u003c/code\u003e\u003c/a\u003e fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940\"\u003e#20940\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/3f337c5e24504e51188d29c970de1416ee523dbb\"\u003e\u003ccode\u003e3f337c5\u003c/code\u003e\u003c/a\u003e release: v6.3.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v6.4.2/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dompurify` from 3.3.3 to 3.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eMost relevant changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a problem with \u003ccode\u003eFORBID_TAGS\u003c/code\u003e not winning over \u003ccode\u003eADD_TAGS\u003c/code\u003e, thanks \u003ca href=\"https://github.com/kodareef5\"\u003e\u003ccode\u003e@​kodareef5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed several minor problems and typos regarding MathML attributes, thanks \u003ca href=\"https://github.com/DavidOliver\"\u003e\u003ccode\u003e@​DavidOliver\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eADD_ATTR\u003c/code\u003e/\u003ccode\u003eADD_TAGS\u003c/code\u003e function leaking into subsequent array-based calls, thanks \u003ca href=\"https://github.com/1Jesper1\"\u003e\u003ccode\u003e@​1Jesper1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a missing \u003ccode\u003eSAFE_FOR_TEMPLATES\u003c/code\u003e scrub in \u003ccode\u003eRETURN_DOM\u003c/code\u003e path, thanks \u003ca href=\"https://github.com/bencalif\"\u003e\u003ccode\u003e@​bencalif\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a prototype pollution via \u003ccode\u003eCUSTOM_ELEMENT_HANDLING\u003c/code\u003e, thanks \u003ca href=\"https://github.com/trace37labs\"\u003e\u003ccode\u003e@​trace37labs\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue with \u003ccode\u003eADD_TAGS\u003c/code\u003e function form bypassing \u003ccode\u003eFORBID_TAGS\u003c/code\u003e, thanks \u003ca href=\"https://github.com/eddieran\"\u003e\u003ccode\u003e@​eddieran\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue with \u003ccode\u003eADD_ATTR\u003c/code\u003e predicates skipping URI validation, thanks \u003ca href=\"https://github.com/christos-eth\"\u003e\u003ccode\u003e@​christos-eth\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue with \u003ccode\u003eUSE_PROFILES\u003c/code\u003e prototype pollution, thanks \u003ca href=\"https://github.com/christos-eth\"\u003e\u003ccode\u003e@​christos-eth\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue leading to possible mXSS via Re-Contextualization, thanks \u003ca href=\"https://github.com/researchatfluidattacks\"\u003e\u003ccode\u003e@​researchatfluidattacks\u003c/code\u003e\u003c/a\u003e and others\u003c/li\u003e\n\u003cli\u003eFixed an issue with closing tags leading to possible mXSS, thanks \u003ca href=\"https://github.com/frevadiscor\"\u003e\u003ccode\u003e@​frevadiscor\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a problem with the type dentition patcher after Node version bump\u003c/li\u003e\n\u003cli\u003eFixed freezing BS runs by reducing the tested browsers array\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eAdded needed files for OpenSSF scorecard checks\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003ePublished Advisories are here:\u003c/strong\u003e\n\u003ca href=\"https://github.com/cure53/DOMPurify/security/advisories?state=published\"\u003ehttps://github.com/cure53/DOMPurify/security/advisories?state=published\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5b16e0b892e82b1779d62b9928b43c4c4ff290b9\"\u003e\u003ccode\u003e5b16e0b\u003c/code\u003e\u003c/a\u003e Getting 3.x branch ready for 3.4.0 release (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1250\"\u003e#1250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.3.3...3.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `svelte` from 5.55.1 to 5.55.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/svelte/releases\"\u003esvelte's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esvelte@5.55.7\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: prevent XSS on \u003ccode\u003ehydratable\u003c/code\u003e from user contents (\u003ca href=\"https://github.com/sveltejs/svelte/commit/a16ebc67bbcf8f708360195687e1b2719463e1a4\"\u003e\u003ccode\u003ea16ebc67bbcf8f708360195687e1b2719463e1a4\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: bump devalue (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18219\"\u003e#18219\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: disallow empty attribute names during SSR (\u003ca href=\"https://github.com/sveltejs/svelte/commit/547853e2406a2147ad7fb5ffeba95b01bd9642da\"\u003e\u003ccode\u003e547853e2406a2147ad7fb5ffeba95b01bd9642da\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: harden regex (\u003ca href=\"https://github.com/sveltejs/svelte/commit/d2375e2ebcab5c88feb5652f1a9d621b8f06b259\"\u003e\u003ccode\u003ed2375e2ebcab5c88feb5652f1a9d621b8f06b259\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: move Svelte runtime properties to symbols (\u003ca href=\"https://github.com/sveltejs/svelte/commit/e1cbbd96441e82c9eb8a23a2903c0d06d3cda991\"\u003e\u003ccode\u003ee1cbbd96441e82c9eb8a23a2903c0d06d3cda991\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esvelte@5.55.6\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: leave stale promises to wait for a later resolution, instead of rejecting (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18180\"\u003e#18180\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: keep dependencies of \u003ccode\u003e$state.eager/pending\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18218\"\u003e#18218\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: reapply context after transforming error during SSR (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18099\"\u003e#18099\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: don't rebase just-created batches (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18117\"\u003e#18117\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: allow \u003ccode\u003enull\u003c/code\u003e for \u003ccode\u003epending\u003c/code\u003e in typings (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18201\"\u003e#18201\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: flush eager effects in production (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18107\"\u003e#18107\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: rethrow error of failed iterable after calling \u003ccode\u003ereturn()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18169\"\u003e#18169\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: account for proxified instance when updating \u003ccode\u003ebind:this\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18147\"\u003e#18147\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: ensure scheduled batch is flushed if not obsolete (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18131\"\u003e#18131\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: resolve stale deriveds with latest value (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18167\"\u003e#18167\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: remove unnecessary \u003ccode\u003eincrement_pending\u003c/code\u003e calls (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18183\"\u003e#18183\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: correctly compile component member expressions for SSR (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18192\"\u003e#18192\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: reset \u003ccode\u003esource.updated\u003c/code\u003e stack traces after \u003ccode\u003eflush\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18196\"\u003e#18196\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: replacing async 'blocking' strategy with 'merging' (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18205\"\u003e#18205\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: allow \u003ccode\u003e@debug\u003c/code\u003e tags to reference awaited variables (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18138\"\u003e#18138\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: re-run fallback props if dependencies update (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18146\"\u003e#18146\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: abort running obsolete async branches (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18118\"\u003e#18118\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/svelte/blob/main/packages/svelte/CHANGELOG.md\"\u003esvelte's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.55.7\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: prevent XSS on \u003ccode\u003ehydratable\u003c/code\u003e from user contents (\u003ca href=\"https://github.com/sveltejs/svelte/commit/a16ebc67bbcf8f708360195687e1b2719463e1a4\"\u003e\u003ccode\u003ea16ebc67bbcf8f708360195687e1b2719463e1a4\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: bump devalue (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18219\"\u003e#18219\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: disallow empty attribute names during SSR (\u003ca href=\"https://github.com/sveltejs/svelte/commit/547853e2406a2147ad7fb5ffeba95b01bd9642da\"\u003e\u003ccode\u003e547853e2406a2147ad7fb5ffeba95b01bd9642da\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: harden regex (\u003ca href=\"https://github.com/sveltejs/svelte/commit/d2375e2ebcab5c88feb5652f1a9d621b8f06b259\"\u003e\u003ccode\u003ed2375e2ebcab5c88feb5652f1a9d621b8f06b259\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: move Svelte runtime properties to symbols (\u003ca href=\"https://github.com/sveltejs/svelte/commit/e1cbbd96441e82c9eb8a23a2903c0d06d3cda991\"\u003e\u003ccode\u003ee1cbbd96441e82c9eb8a23a2903c0d06d3cda991\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.55.6\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: leave stale promises to wait for a later resolution, instead of rejecting (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18180\"\u003e#18180\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: keep dependencies of \u003ccode\u003e$state.eager/pending\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18218\"\u003e#18218\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: reapply context after transforming error during SSR (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18099\"\u003e#18099\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: don't rebase just-created batches (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18117\"\u003e#18117\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: allow \u003ccode\u003enull\u003c/code\u003e for \u003ccode\u003epending\u003c/code\u003e in typings (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18201\"\u003e#18201\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: flush eager effects in production (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18107\"\u003e#18107\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: rethrow error of failed iterable after calling \u003ccode\u003ereturn()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18169\"\u003e#18169\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: account for proxified instance when updating \u003ccode\u003ebind:this\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18147\"\u003e#18147\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: ensure scheduled batch is flushed if not obsolete (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18131\"\u003e#18131\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: resolve stale deriveds with latest value (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18167\"\u003e#18167\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: remove unnecessary \u003ccode\u003eincrement_pending\u003c/code\u003e calls (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18183\"\u003e#18183\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: correctly compile component member expressions for SSR (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18192\"\u003e#18192\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: reset \u003ccode\u003esource.updated\u003c/code\u003e stack traces after \u003ccode\u003eflush\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18196\"\u003e#18196\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: replacing async 'blocking' strategy with 'merging' (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18205\"\u003e#18205\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: allow \u003ccode\u003e@debug\u003c/code\u003e tags to reference awaited variables (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18138\"\u003e#18138\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: re-run fallback props if dependencies update (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18146\"\u003e#18146\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/4d8f99a2709e3c02e48d8bc6c77458f4ba49d0e3\"\u003e\u003ccode\u003e4d8f99a\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18220\"\u003e#18220\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/05523088173e10af0753877af6936088de924833\"\u003e\u003ccode\u003e0552308\u003c/code\u003e\u003c/a\u003e chore: bump devalue (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18219\"\u003e#18219\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/e1cbbd96441e82c9eb8a23a2903c0d06d3cda991\"\u003e\u003ccode\u003ee1cbbd9\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/a16ebc67bbcf8f708360195687e1b2719463e1a4\"\u003e\u003ccode\u003ea16ebc6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/d2375e2ebcab5c88feb5652f1a9d621b8f06b259\"\u003e\u003ccode\u003ed2375e2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/547853e2406a2147ad7fb5ffeba95b01bd9642da\"\u003e\u003ccode\u003e547853e\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/55f9c85c09d625c3dd80c71ce7542f57386fafb4\"\u003e\u003ccode\u003e55f9c85\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18158\"\u003e#18158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/a10e8e47a5946623a60a1e36b9023c23926eae87\"\u003e\u003ccode\u003ea10e8e4\u003c/code\u003e\u003c/a\u003e fix: keep dependencies of \u003ccode\u003e$state.eager\u003c/code\u003e/\u003ccode\u003epending\u003c/code\u003e (alternative approach) (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/ef4b97dfabfd7a23b27933e18f7393587c343d66\"\u003e\u003ccode\u003eef4b97d\u003c/code\u003e\u003c/a\u003e fix: duplicated \u0026quot;of\u0026quot; in events.js comment (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18217\"\u003e#18217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/5122936edb3c14e9a602e579727479b49cbd3239\"\u003e\u003ccode\u003e5122936\u003c/code\u003e\u003c/a\u003e fix: treat batches as a linked list (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18205\"\u003e#18205\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sveltejs/svelte/commits/svelte@5.55.7/packages/svelte\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cookie` from 0.6.0 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOverwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)  c66147c\n\u003cul\u003e\n\u003cli\u003eWhen \u003ccode\u003evalue\u003c/code\u003e was provided in \u003ccode\u003eserialize(key, value, { value })\u003c/code\u003e the value in \u003ccode\u003eoptions\u003c/code\u003e was used instead of the value passed as an argument\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003estringifyCookie\u003c/code\u003e and \u003ccode\u003eparseSetCookie\u003c/code\u003e methods (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/214\"\u003e#214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename existing methods for clarity (old method names remain for backward compatibility)\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eparse\u003c/code\u003e → \u003ccode\u003eparseCookie\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eserialize\u003c/code\u003e → \u003ccode\u003estringifySetCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)  00b0327\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLoosen cookie name/value validation (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: \u003ccode\u003eoptions.priority\u003c/code\u003e used incorrect fallback (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/207\"\u003e#207\u003c/a\u003e) by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd import example to README (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/190\"\u003e#190\u003c/a\u003e) by \u003ca href=\"https://github.com/isnifer\"\u003e\u003ccode\u003e@​isnifer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow case insensitive options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/194\"\u003e#194\u003c/a\u003e)  3bed080\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse modern JS features, ship TypeScript definition (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/175\"\u003e#175\u003c/a\u003e)  1cc64ff\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003e__esModule\u003c/code\u003e marker, imports need to use \u003ccode\u003eimport { parse, serialize }\u003c/code\u003e or \u003ccode\u003eimport * as cookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eMinimum node.js v18\u003c/li\u003e\n\u003cli\u003eUses null prototype object for \u003ccode\u003eparse\u003c/code\u003e return value\u003c/li\u003e\n\u003cli\u003eChanges \u003ccode\u003estrict\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e to match the lower case strings (i.e. \u003ccode\u003elow\u003c/code\u003e, not \u003ccode\u003eLOW\u003c/code\u003e or \u003ccode\u003eLow\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/1b89eec4e33256ac31962f4c0d6e711fff478803\"\u003e\u003ccode\u003e1b89eec\u003c/code\u003e\u003c/a\u003e 1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/c66147c053c74b256287aa7c0a4e63082d786fb2\"\u003e\u003ccode\u003ec66147c\u003c/code\u003e\u003c/a\u003e Overwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/09cec9fd32aa777ddbf51a115c53f30728eccfbc\"\u003e\u003ccode\u003e09cec9f\u003c/code\u003e\u003c/a\u003e 1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/05ebd34fd5a1cdad950f68fc7429cade7dfd6997\"\u003e\u003ccode\u003e05ebd34\u003c/code\u003e\u003c/a\u003e Add tests for parsing top sites (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6214eaf968d60681f3f7fe76797270332c3569c9\"\u003e\u003ccode\u003e6214eaf\u003c/code\u003e\u003c/a\u003e Add benchmark for \u003ccode\u003eparseSetCookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/247\"\u003e#247\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/71798d72650df42288f74e5ab49b65ec44df74fe\"\u003e\u003ccode\u003e71798d7\u003c/code\u003e\u003c/a\u003e Fix skip over of boolean attributes (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e41cf10c88b45893141f2ee2dc98b23bdb57f24\"\u003e\u003ccode\u003e9e41cf1\u003c/code\u003e\u003c/a\u003e build(deps): bump the npm_and_yarn group across 1 directory with 4 updates (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6fea50679a97f65b5d6e3d291b2dad5816fcfddc\"\u003e\u003ccode\u003e6fea506\u003c/code\u003e\u003c/a\u003e Add parse method for \u003ccode\u003eset-cookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/00b032721c4dc9aeb7d3814ce790eadb4ebde59b\"\u003e\u003ccode\u003e00b0327\u003c/code\u003e\u003c/a\u003e Add side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/94586de038f16960cd5eb91ee499313734b02ab7\"\u003e\u003ccode\u003e94586de\u003c/code\u003e\u003c/a\u003e feat: remove dependabot from repo (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/242\"\u003e#242\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `devalue` from 5.6.4 to 5.8.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/releases\"\u003edevalue's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/blob/main/CHANGELOG.md\"\u003edevalue's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/796ea83a76eb7e0f2af376f9c2c875f1d057f50f\"\u003e\u003ccode\u003e796ea83\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/152\"\u003e#152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/206ca6712fbc380a4571c59de9ab04b91110792d\"\u003e\u003ccode\u003e206ca67\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/14933f78ff6b712829162628682b0a1993e75d19\"\u003e\u003ccode\u003e14933f7\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/151\"\u003e#151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/c5115b0074ec298fb4077f6cee5616cefbd13902\"\u003e\u003ccode\u003ec5115b0\u003c/code\u003e\u003c/a\u003e feat: \u003ccode\u003estringifyAsync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/150\"\u003e#150\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/67dad450b5db18ea9aa3059d334d8b0ee6704d9e\"\u003e\u003ccode\u003e67dad45\u003c/code\u003e\u003c/a\u003e docs: update README to reflect serialization stability non-goal (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/147\"\u003e#147\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/6eb920a7db6fe388f24f640d0e4e874a57f148fb\"\u003e\u003ccode\u003e6eb920a\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/8becc7c436f0d4f85e2e5b32cb49dcfdf4fdec42\"\u003e\u003ccode\u003e8becc7c\u003c/code\u003e\u003c/a\u003e fix: handle regexes consistently in uneval's value and reference formats (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/2eee2e435ea0ea3d495dc7a266486df95a4eb6ed\"\u003e\u003ccode\u003e2eee2e4\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/498656e75d36dfc63a386240722bdeac63337b25\"\u003e\u003ccode\u003e498656e\u003c/code\u003e\u003c/a\u003e DataView support (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/5590634db53ed555d3ce2e2024924b30352a6afc\"\u003e\u003ccode\u003e5590634\u003c/code\u003e\u003c/a\u003e Improve platform types support (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sveltejs/devalue/compare/v5.6.4...v5.8.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 4.0.3 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.0.4\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\"\u003ehttps://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e5474fc1a4d7991870058170407dda8a42be5334\"\u003e\u003ccode\u003ee5474fc\u003c/code\u003e\u003c/a\u003e Publish 4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903\"\u003e\u003ccode\u003e4516eb5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d\"\u003e\u003ccode\u003e5eceecd\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/0db7dd70651ca7c8265601c0442a996ed32e3238\"\u003e\u003ccode\u003e0db7dd7\u003c/code\u003e\u003c/a\u003e Run benchmark again against latest minimatch version (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/161\"\u003e#161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/95003777eb1c60dec09495a8231fa2ba4054d76a\"\u003e\u003ccode\u003e9500377\u003c/code\u003e\u003c/a\u003e docs: clarify what brace expansion syntax is and isn't supported (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/2661f23eca86c8b4a2b14815b9b2b3b74bd5a171\"\u003e\u003ccode\u003e2661f23\u003c/code\u003e\u003c/a\u003e fix typo in globstars.js test name (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/138\"\u003e#138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/1798b07e9df59500b9cf567294d44d559032f4c7\"\u003e\u003ccode\u003e1798b07\u003c/code\u003e\u003c/a\u003e docs: fix \u003ccode\u003emakeRe\u003c/code\u003e example (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/9d76bc57a03b7f57cc4ca516c8071daf632bafd8\"\u003e\u003ccode\u003e9d76bc5\u003c/code\u003e\u003c/a\u003e chore: undocument removed options (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e4d718bbfb47e4f030ab2612b5b04a9297fe272d\"\u003e\u003ccode\u003ee4d718b\u003c/code\u003e\u003c/a\u003e Remove unused time-require (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/38dffeb16221cc8eb8981524fb6895dd2aaaba76\"\u003e\u003ccode\u003e38dffeb\u003c/code\u003e\u003c/a\u003e chore(deps): pin dependencies (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/158\"\u003e#158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protocol-buffers-schema` from 3.6.0 to 3.6.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/protocol-buffers-schema/commit/46c34bd3199aa1e32374a1af59d02413b9ea197a\"\u003e\u003ccode\u003e46c34bd\u003c/code\u003e\u003c/a\u003e 3.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/protocol-buffers-schema/commit/2351031dd6f1d58930b8e46548e91b1e96f7c20c\"\u003e\u003ccode\u003e2351031\u003c/code\u003e\u003c/a\u003e Fixed parse.js to prevent Prototype Pollution (\u003ca href=\"https://redirect.github.com/mafintosh/protocol-buffers-schema/issues/70\"\u003e#70\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mafintosh/protocol-buffers-schema/compare/v3.6.0...v3.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/seanmorley15/AdventureLog/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/seanmorley15/AdventureLog/pull/1141","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/seanmorley15%2FAdventureLog/issues/1141","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1141/packages"},{"uuid":"4449654681","node_id":"PR_kwDOPPEFa87bs37W","number":481,"state":"open","title":"Bump cookie from 0.6.0 to 0.7.0 in the npm_and_yarn group across 1 directory","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-14T22:06:48.000Z","updated_at":"2026-05-14T22:09:48.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"cookie","old_version":"0.6.0","new_version":"0.7.0","repository_url":"https://github.com/jshttp/cookie"}],"path":"the npm_and_yarn group across 1 directory","ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the / directory: [cookie](https://github.com/jshttp/cookie).\n\nUpdates `cookie` from 0.6.0 to 0.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eperf: parse cookies ~10% faster (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e by \u003ca href=\"https://github.com/kurtextrem\"\u003e\u003ccode\u003e@​kurtextrem\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: narrow the validation of cookies to match RFC6265 (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/167\"\u003e#167\u003c/a\u003e by \u003ca href=\"https://github.com/bewinsnw\"\u003e\u003ccode\u003e@​bewinsnw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: add \u003ccode\u003emain\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e for rspack (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/166\"\u003e#166\u003c/a\u003e by \u003ca href=\"https://github.com/proudparrot2\"\u003e\u003ccode\u003e@​proudparrot2\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\"\u003ehttps://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/ab057d6c06b94a7b1e3358e69a685ae49c97b627\"\u003e\u003ccode\u003eab057d6\u003c/code\u003e\u003c/a\u003e 0.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/5f02ca87688481dbcf155e49ca8b61732f30e542\"\u003e\u003ccode\u003e5f02ca8\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/a5d591ce8447dd63821779724f96ad3c774c8579\"\u003e\u003ccode\u003ea5d591c\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/51968f94b5e820adeceef505539fa193ffe2d105\"\u003e\u003ccode\u003e51968f9\u003c/code\u003e\u003c/a\u003e Skip isNaN\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e7ca51ade4b325307eedd6b4dec190983e9e2cc\"\u003e\u003ccode\u003e9e7ca51\u003c/code\u003e\u003c/a\u003e perf(parse): cache length, return early (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/d6f39b0aab5521a8b118b466a515fd6eb0b9f65e\"\u003e\u003ccode\u003ed6f39b0\u003c/code\u003e\u003c/a\u003e Fix tests for old node\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6bb701f14e59c5e768933bfae9b578db4ed26c6e\"\u003e\u003ccode\u003e6bb701f\u003c/code\u003e\u003c/a\u003e Remove failing scorecard\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/ca70da4ddccf7daab7ad7e86e8c83d6a0123ba73\"\u003e\u003ccode\u003eca70da4\u003c/code\u003e\u003c/a\u003e test(serialize): additional tests for name, domain and path RFC validations (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/47917c9c2c56887c53d68e23159a7e1c3f7cb958\"\u003e\u003ccode\u003e47917c9\u003c/code\u003e\u003c/a\u003e Iterate whitespace for perf (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/927d48a18fc82828d3726e18927003db330247bb\"\u003e\u003ccode\u003e927d48a\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003emain\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/166\"\u003e#166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cookie\u0026package-manager=npm_and_yarn\u0026previous-version=0.6.0\u0026new-version=0.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/a-novel-kit/nodelib/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/a-novel-kit/nodelib/pull/481","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/a-novel-kit%2Fnodelib/issues/481","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/481/packages"},{"uuid":"4449451033","node_id":"PR_kwDOG_X9nM7bsM6d","number":996,"state":"closed","title":"Bump the npm_and_yarn group across 1 directory with 16 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-14T22:29:52.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-14T21:33:16.000Z","updated_at":"2026-05-14T22:29:54.000Z","time_to_close":3396,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":16,"packages":[{"name":"@hono/node-server","old_version":"1.19.9","new_version":"1.19.14","repository_url":"https://github.com/honojs/node-server"},{"name":"brace-expansion","old_version":"1.1.12","new_version":"2.0.3"},{"name":"cookie","old_version":"0.6.0","new_version":"1.1.1"},{"name":"devalue","old_version":"5.6.3","new_version":"5.8.1"},{"name":"diff","old_version":"7.0.0","new_version":"9.0.0"},{"name":"fast-uri","old_version":"3.1.0","new_version":"3.1.2"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2"},{"name":"immutable","old_version":"5.1.3","new_version":"5.1.5"},{"name":"js-yaml","old_version":"3.14.1","new_version":"4.1.1"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1"},{"name":"markdown-it","old_version":"14.1.0","new_version":"14.1.1"},{"name":"minimatch","old_version":"3.1.2","new_version":"9.0.9"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the / directory: [@hono/node-server](https://github.com/honojs/node-server).\n\nUpdates `@hono/node-server` from 1.19.9 to 1.19.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/node-server/releases\"\u003e@​hono/node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.14\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: add custom inspect to lightweight Request/Response to prevent TypeError on console.log by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/340\"\u003ehonojs/node-server#340\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.13...v1.19.14\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.13...v1.19.14\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.13\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an issue in Serve Static Middleware where inconsistent handling of repeated slashes (\u003ccode\u003e//\u003c/code\u003e) between the router and static file resolution could allow middleware to be bypassed. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-92pp-h63x-v22m for details.\u003c/p\u003e\n\u003ch2\u003ev1.19.12\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: ignore claude setting by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/314\"\u003ehonojs/node-server#314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: request draining for early 413 responses by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/329\"\u003ehonojs/node-server#329\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.11\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: do not overwrite Content-Length in the fast path pattern if Content-Length already exists. by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/309\"\u003ehonojs/node-server#309\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.10...v1.19.11\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.10...v1.19.11\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.10\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an authorization bypass in Serve Static Middleware caused by inconsistent URL decoding (\u003ccode\u003e%2F\u003c/code\u003e handling) between the router and static file resolution. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-wc8c-qw6v-h7f6 for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/b5e63a366d9b0ef62ac65fcafd7f69b383b03ff5\"\u003e\u003ccode\u003eb5e63a3\u003c/code\u003e\u003c/a\u003e 1.19.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/c02d7770a2d29ea473403211bef0a60639885a28\"\u003e\u003ccode\u003ec02d777\u003c/code\u003e\u003c/a\u003e fix: add custom inspect to lightweight Request/Response to prevent TypeError ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/fd64e659a34ec661fd9ccda00d1b9dff88dfaf90\"\u003e\u003ccode\u003efd64e65\u003c/code\u003e\u003c/a\u003e 1.19.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/025c30f55d589ddbe6048b151d77e904f67a8cc2\"\u003e\u003ccode\u003e025c30f\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/6cdb5a724952f3df5748e435637792068ebea6d9\"\u003e\u003ccode\u003e6cdb5a7\u003c/code\u003e\u003c/a\u003e 1.19.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/70250f780ec99d2ddc0dd8275a42f8e091e06e94\"\u003e\u003ccode\u003e70250f7\u003c/code\u003e\u003c/a\u003e fix: request draining for early 413 responses (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/329\"\u003e#329\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/cfc08b330a1f2e0a2d8cc7797cde389465b5f4fb\"\u003e\u003ccode\u003ecfc08b3\u003c/code\u003e\u003c/a\u003e chore: ignore claude setting (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/ecd4d6be55117005acfd60a22d90c4818618507b\"\u003e\u003ccode\u003eecd4d6b\u003c/code\u003e\u003c/a\u003e 1.19.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/c94489955ebd855630b703022837f7fe5f925111\"\u003e\u003ccode\u003ec944899\u003c/code\u003e\u003c/a\u003e fix: do not overwrite Content-Length in the fast path pattern if Content-Leng...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/2f8ca3665f5257305603783ec9999bd1a9bec0f2\"\u003e\u003ccode\u003e2f8ca36\u003c/code\u003e\u003c/a\u003e 1.19.10\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.9...v1.19.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.12 to 2.0.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 2.x  14f1d91\u003c/li\u003e\n\u003cli\u003efmt  ed7780a\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  36603d5\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.0.2\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.0.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/73b5459d2ab973c984d01324769d306f66440c7e\"\u003e\u003ccode\u003e73b5459\u003c/code\u003e\u003c/a\u003e 2.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5\"\u003e\u003ccode\u003e311ac0d\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v to v2 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/a3efcee659ef0fb381e2b50d759c720900580a15\"\u003e\u003ccode\u003ea3efcee\u003c/code\u003e\u003c/a\u003e 2.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/14f1d91b0523ffb0c8bbe6a28dc98ddc56ae53bc\"\u003e\u003ccode\u003e14f1d91\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 2.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ed7780ab1cb8a7696f1813b5a945fcc70d8d1990\"\u003e\u003ccode\u003eed7780a\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/36603d5f3599a37af9e85eda30acd7d28599c36e\"\u003e\u003ccode\u003e36603d5\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/b9c0e57027317a8d0a56a7ccee28fc478d847da2\"\u003e\u003ccode\u003eb9c0e57\u003c/code\u003e\u003c/a\u003e 2.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/4d96d7dbca632806263efb0da8d1e9d8a2143cc2\"\u003e\u003ccode\u003e4d96d7d\u003c/code\u003e\u003c/a\u003e switch to fork of matcha that works on node\u0026gt;12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/bc482fba0a225be53f5ba92e62f6c9255a933261\"\u003e\u003ccode\u003ebc482fb\u003c/code\u003e\u003c/a\u003e Ignore only blocks that begins with $ (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/49\"\u003e#49\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7b31e5c518f47022a8e29515da0c854cc8aae9fe\"\u003e\u003ccode\u003e7b31e5c\u003c/code\u003e\u003c/a\u003e Adds travis jobs on ppc64le (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/48\"\u003e#48\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.12...v2.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cookie` from 0.6.0 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOverwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)  c66147c\n\u003cul\u003e\n\u003cli\u003eWhen \u003ccode\u003evalue\u003c/code\u003e was provided in \u003ccode\u003eserialize(key, value, { value })\u003c/code\u003e the value in \u003ccode\u003eoptions\u003c/code\u003e was used instead of the value passed as an argument\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003estringifyCookie\u003c/code\u003e and \u003ccode\u003eparseSetCookie\u003c/code\u003e methods (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/214\"\u003e#214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename existing methods for clarity (old method names remain for backward compatibility)\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eparse\u003c/code\u003e → \u003ccode\u003eparseCookie\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eserialize\u003c/code\u003e → \u003ccode\u003estringifySetCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)  00b0327\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLoosen cookie name/value validation (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: \u003ccode\u003eoptions.priority\u003c/code\u003e used incorrect fallback (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/207\"\u003e#207\u003c/a\u003e) by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd import example to README (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/190\"\u003e#190\u003c/a\u003e) by \u003ca href=\"https://github.com/isnifer\"\u003e\u003ccode\u003e@​isnifer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow case insensitive options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/194\"\u003e#194\u003c/a\u003e)  3bed080\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse modern JS features, ship TypeScript definition (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/175\"\u003e#175\u003c/a\u003e)  1cc64ff\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003e__esModule\u003c/code\u003e marker, imports need to use \u003ccode\u003eimport { parse, serialize }\u003c/code\u003e or \u003ccode\u003eimport * as cookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eMinimum node.js v18\u003c/li\u003e\n\u003cli\u003eUses null prototype object for \u003ccode\u003eparse\u003c/code\u003e return value\u003c/li\u003e\n\u003cli\u003eChanges \u003ccode\u003estrict\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e to match the lower case strings (i.e. \u003ccode\u003elow\u003c/code\u003e, not \u003ccode\u003eLOW\u003c/code\u003e or \u003ccode\u003eLow\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/1b89eec4e33256ac31962f4c0d6e711fff478803\"\u003e\u003ccode\u003e1b89eec\u003c/code\u003e\u003c/a\u003e 1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/c66147c053c74b256287aa7c0a4e63082d786fb2\"\u003e\u003ccode\u003ec66147c\u003c/code\u003e\u003c/a\u003e Overwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/09cec9fd32aa777ddbf51a115c53f30728eccfbc\"\u003e\u003ccode\u003e09cec9f\u003c/code\u003e\u003c/a\u003e 1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/05ebd34fd5a1cdad950f68fc7429cade7dfd6997\"\u003e\u003ccode\u003e05ebd34\u003c/code\u003e\u003c/a\u003e Add tests for parsing top sites (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6214eaf968d60681f3f7fe76797270332c3569c9\"\u003e\u003ccode\u003e6214eaf\u003c/code\u003e\u003c/a\u003e Add benchmark for \u003ccode\u003eparseSetCookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/247\"\u003e#247\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/71798d72650df42288f74e5ab49b65ec44df74fe\"\u003e\u003ccode\u003e71798d7\u003c/code\u003e\u003c/a\u003e Fix skip over of boolean attributes (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e41cf10c88b45893141f2ee2dc98b23bdb57f24\"\u003e\u003ccode\u003e9e41cf1\u003c/code\u003e\u003c/a\u003e build(deps): bump the npm_and_yarn group across 1 directory with 4 updates (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6fea50679a97f65b5d6e3d291b2dad5816fcfddc\"\u003e\u003ccode\u003e6fea506\u003c/code\u003e\u003c/a\u003e Add parse method for \u003ccode\u003eset-cookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/00b032721c4dc9aeb7d3814ce790eadb4ebde59b\"\u003e\u003ccode\u003e00b0327\u003c/code\u003e\u003c/a\u003e Add side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/94586de038f16960cd5eb91ee499313734b02ab7\"\u003e\u003ccode\u003e94586de\u003c/code\u003e\u003c/a\u003e feat: remove dependabot from repo (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/242\"\u003e#242\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `devalue` from 5.6.3 to 5.8.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/releases\"\u003edevalue's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/blob/main/CHANGELOG.md\"\u003edevalue's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/796ea83a76eb7e0f2af376f9c2c875f1d057f50f\"\u003e\u003ccode\u003e796ea83\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/152\"\u003e#152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/206ca6712fbc380a4571c59de9ab04b91110792d\"\u003e\u003ccode\u003e206ca67\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/14933f78ff6b712829162628682b0a1993e75d19\"\u003e\u003ccode\u003e14933f7\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/151\"\u003e#151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/c5115b0074ec298fb4077f6cee5616cefbd13902\"\u003e\u003ccode\u003ec5115b0\u003c/code\u003e\u003c/a\u003e feat: \u003ccode\u003estringifyAsync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/150\"\u003e#150\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/67dad450b5db18ea9aa3059d334d8b0ee6704d9e\"\u003e\u003ccode\u003e67dad45\u003c/code\u003e\u003c/a\u003e docs: update README to reflect serialization stability non-goal (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/147\"\u003e#147\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/6eb920a7db6fe388f24f640d0e4e874a57f148fb\"\u003e\u003ccode\u003e6eb920a\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/8becc7c436f0d4f85e2e5b32cb49dcfdf4fdec42\"\u003e\u003ccode\u003e8becc7c\u003c/code\u003e\u003c/a\u003e fix: handle regexes consistently in uneval's value and reference formats (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/2eee2e435ea0ea3d495dc7a266486df95a4eb6ed\"\u003e\u003ccode\u003e2eee2e4\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/498656e75d36dfc63a386240722bdeac63337b25\"\u003e\u003ccode\u003e498656e\u003c/code\u003e\u003c/a\u003e DataView support (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/5590634db53ed555d3ce2e2024924b30352a6afc\"\u003e\u003ccode\u003e5590634\u003c/code\u003e\u003c/a\u003e Improve platform types support (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sveltejs/devalue/compare/v5.6.3...v5.8.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 7.0.0 to 9.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e9.0.0\u003c/h2\u003e\n\u003cp\u003e(All changes part of PR \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/672\"\u003e#672\u003c/a\u003e.)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eES5 support is dropped\u003c/strong\u003e. \u003ccode\u003eparsePatch\u003c/code\u003e now uses \u003ccode\u003eTextDecoder\u003c/code\u003e and \u003ccode\u003eUint8Array\u003c/code\u003e, which are not available in ES5, and TypeScript is now compiled with the \u0026quot;es6\u0026quot; \u003ccode\u003etarget\u003c/code\u003e. From now on, I intend to freely use any features that are deemed \u0026quot;Widely available\u0026quot; by \u003ca href=\"https://web.dev/baseline\"\u003eBaseline\u003c/a\u003e. Users who need ES5 support should stick to version 8.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eC-style quoted strings in filename headers are now properly supported\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eWhen the name of either the old or new file in a patch contains \u0026quot;special characters\u0026quot;, both GNU \u003ccode\u003ediff\u003c/code\u003e and Git quote the filename in the patch's headers and escape special characters using the same escape sequences that are used in string literals in C, including octal escapes for all non-ASCII characters. Previously, jsdiff had very little support for this; \u003ccode\u003eparsePatch\u003c/code\u003e would remove the quotes, and unescape any escaped backslashes, but would not unescape other escape sequences. \u003ccode\u003eformatPatch\u003c/code\u003e, meanwhile, did not quote or escape special characters at all.\u003c/p\u003e\n\u003cp\u003eNow, \u003ccode\u003eparsePatch\u003c/code\u003e parses all the possible escape sequences that GNU diff (or Git) ever output, and \u003ccode\u003eformatPatch\u003c/code\u003e quotes and escapes filenames containing special characters in the same way GNU diff does.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e now omits file headers when \u003ccode\u003eoldFileName\u003c/code\u003e or \u003ccode\u003enewFileName\u003c/code\u003e in the provided patch object are \u003ccode\u003eundefined\u003c/code\u003e\u003c/strong\u003e, regardless of the \u003ccode\u003eheaderOptions\u003c/code\u003e parameter. (Previously, it would treat the absence of \u003ccode\u003eoldFileName\u003c/code\u003e or \u003ccode\u003enewFileName\u003c/code\u003e as indicating the filename was the word \u0026quot;undefined\u0026quot; and emit headers \u003ccode\u003e--- undefined\u003c/code\u003e / \u003ccode\u003e+++ undefined\u003c/code\u003e.)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e no longer outputs trailing tab characters at the end of \u003ccode\u003e---\u003c/code\u003e/\u003ccode\u003e+++\u003c/code\u003e headers.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003ePreviously, if \u003ccode\u003eformatPatch\u003c/code\u003e was passed a patch object to serialize that had empty strings for the \u003ccode\u003eoldHeader\u003c/code\u003e or \u003ccode\u003enewHeader\u003c/code\u003e property, it would include a trailing tab character after the filename in the \u003ccode\u003e---\u003c/code\u003e and/or \u003ccode\u003e+++\u003c/code\u003e file header. Now, this scenario is treated the same as when \u003ccode\u003eoldHeader\u003c/code\u003e/\u003ccode\u003enewHeader\u003c/code\u003e is \u003ccode\u003eundefined\u003c/code\u003e - i.e. the trailing tab is omitted.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e no longer mutates its input\u003c/strong\u003e when serializing a patch containing a hunk where either the old or new content contained zero lines. (Such a hunk occurs only when the hunk has no context lines and represents a pure insertion or pure deletion, which for instance will occur whenever one of the two files being diffed is completely empty.) Previously \u003ccode\u003eformatPatch\u003c/code\u003e would provide the correct output but also mutate the \u003ccode\u003eoldLines\u003c/code\u003e or \u003ccode\u003enewLines\u003c/code\u003e property on the hunk, changing the meaning of the underlying patch.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eGit-style patches are now supported by \u003ccode\u003eparsePatch\u003c/code\u003e, \u003ccode\u003eformatPatch\u003c/code\u003e, and \u003ccode\u003ereversePatch\u003c/code\u003e\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003ePatches output by \u003ccode\u003egit diff\u003c/code\u003e can include some features that are unlike those output by GNU \u003ccode\u003ediff\u003c/code\u003e, and therefore not handled by an ordinary unified diff format parser. An ordinary diff simply describes the differences between the \u003cem\u003econtent\u003c/em\u003e of two files, but Git diffs can also indicate, via \u0026quot;extended headers\u0026quot;, the creation or deletion of (potentially empty) files, indicate that a file was renamed, and contain information about file mode changes. Furthermore, when these changes appear in a diff in the absence of a content change (e.g. when an empty file is created, or a file is renamed without content changes), the patch will contain no associated \u003ccode\u003e---\u003c/code\u003e/\u003ccode\u003e+++\u003c/code\u003e file headers nor any hunks.\u003c/p\u003e\n\u003cp\u003ejsdiff previously did not support parsing Git's extended headers, nor hunkless patches. Now \u003ccode\u003eparsePatch\u003c/code\u003e parses some of the extended headers, parses hunkless Git patches, and can determine filenames (e.g. from the extended headers) when parsing a patch that includes no \u003ccode\u003e---\u003c/code\u003e or \u003ccode\u003e+++\u003c/code\u003e file headers. The additional information conveyed by the extended headers we support is recorded on new fields on the result object returned by \u003ccode\u003eparsePatch\u003c/code\u003e. See \u003ccode\u003eisGit\u003c/code\u003e and subsequent properties in the docs in the README.md file.\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003eformatPatch\u003c/code\u003e now outputs extended headers based on these new Git-specific properties, and \u003ccode\u003ereversePatch\u003c/code\u003e respects them as far as possible (with one unavoidable caveat noted in the README.md file).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eUnpaired file headers now cause \u003ccode\u003eparsePatch\u003c/code\u003e to throw\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eIt remains acceptable to have a patch with no file headers whatsoever (e.g. one that begins with a \u003ccode\u003e@@\u003c/code\u003e hunk header on the very first line), but a patch with \u003cem\u003eonly\u003c/em\u003e a \u003ccode\u003e---\u003c/code\u003e header or only a \u003ccode\u003e+++\u003c/code\u003e header is now considered an error.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eparsePatch\u003c/code\u003e is now more tolerant of \u0026quot;trailing garbage\u0026quot;\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThat is: after a patch, or between files/indexes in a patch, it is now acceptable to have arbitrary lines of \u0026quot;garbage\u0026quot; (so long as they unambiguously have no syntactic meaning - e.g. trailing garbage that leads with a \u003ccode\u003e+\u003c/code\u003e, \u003ccode\u003e-\u003c/code\u003e, or \u003ccode\u003e \u003c/code\u003e and thus is interpretable as part of a hunk still triggers a throw).\u003c/p\u003e\n\u003cp\u003eThis means we no longer reject patches output by tools that include extra data in \u0026quot;garbage\u0026quot; lines not understood by generic unified diff parsers. (For example, SVN patches can include \u0026quot;Property changes on:\u0026quot; lines that generic unified diff parsers should discard as garbage; jsdiff previously threw errors when encountering them.)\u003c/p\u003e\n\u003cp\u003eThis change brings jsdiff's behaviour more in line with GNU \u003ccode\u003epatch\u003c/code\u003e, which is highly permissive of \u0026quot;garbage\u0026quot;.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThe \u003ccode\u003eoldFileName\u003c/code\u003e and \u003ccode\u003enewFileName\u003c/code\u003e fields of \u003ccode\u003eStructuredPatch\u003c/code\u003e are now typed as \u003ccode\u003estring | undefined\u003c/code\u003e instead of \u003ccode\u003estring\u003c/code\u003e\u003c/strong\u003e. This type change reflects the (pre-existing) reality that \u003ccode\u003eparsePatch\u003c/code\u003e can produce patches without filenames (e.g. when parsing a patch that simply contains hunks with no file headers).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/667\"\u003e#667\u003c/a\u003e - \u003cstrong\u003efix another bug in \u003ccode\u003ediffWords\u003c/code\u003e when used with an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e\u003c/strong\u003e. If the text to be diffed included a combining mark after a whitespace character (i.e. roughly speaking, an accented space), \u003ccode\u003ediffWords\u003c/code\u003e would previously crash. Now this case is handled correctly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/631\"\u003e#631\u003c/a\u003e - \u003cstrong\u003efix support for using an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e with \u003ccode\u003ediffWords\u003c/code\u003e\u003c/strong\u003e. This has been almost completely broken since the feature was added in v6.0.0, since it would outright crash on any text that featured two consecutive newlines between a pair of words (a very common case).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/635\"\u003e#635\u003c/a\u003e - \u003cstrong\u003esmall tweaks to tokenization behaviour of \u003ccode\u003ediffWords\u003c/code\u003e\u003c/strong\u003e when used \u003cem\u003ewithout\u003c/em\u003e an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e. Specifically, the soft hyphen (U+00AD) is no longer considered to be a word break, and the multiplication and division signs (\u003ccode\u003e×\u003c/code\u003e and \u003ccode\u003e÷\u003c/code\u003e) are now treated as punctuation instead of as letters / word characters.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/ed13aca03aa25735fafc0645d1185e7a1c68fd8c\"\u003e\u003ccode\u003eed13aca\u003c/code\u003e\u003c/a\u003e Update version in package.json and in release notes (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/683\"\u003e#683\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/7a49317b503a932b88fc72ad9c57a481df038e24\"\u003e\u003ccode\u003e7a49317\u003c/code\u003e\u003c/a\u003e Bump dependencies again (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/682\"\u003e#682\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/afe5aecad189c9f5941ad3feb3c94c46b32ecb0a\"\u003e\u003ccode\u003eafe5aec\u003c/code\u003e\u003c/a\u003e Add Git support, and otherwise variously improve \u0026amp; fix parsePatch (and other ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/2e46779d8866ce7da1303a03db33ed038590c6f6\"\u003e\u003ccode\u003e2e46779\u003c/code\u003e\u003c/a\u003e Fix a typo (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/679\"\u003e#679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/dd2f99497703a1540b2ae406b51c49b74b5fc1a1\"\u003e\u003ccode\u003edd2f994\u003c/code\u003e\u003c/a\u003e 8.0.4 release (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/3cc438434db53c5d1c40412b727ea7650f6f145a\"\u003e\u003ccode\u003e3cc4384\u003c/code\u003e\u003c/a\u003e Update docs on releasing to reflect migration to yarn berry (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/6fc2aa6b7672af08774b50aae00d97b99c5b5715\"\u003e\u003ccode\u003e6fc2aa6\u003c/code\u003e\u003c/a\u003e yarn up '*' \u0026amp;\u0026amp; yarn up -R '**' (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/676\"\u003e#676\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/af7393ac3404565dc8da655c2e7aeeed28c01ff7\"\u003e\u003ccode\u003eaf7393a\u003c/code\u003e\u003c/a\u003e yarn up '*' \u0026amp;\u0026amp; yarn up -R '**' (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4b5d1800370bf29b61a3378fb8086aeb231d3ef7\"\u003e\u003ccode\u003e4b5d180\u003c/code\u003e\u003c/a\u003e Fix another bug in diffWords's \u0026quot;intlSegmenter\u0026quot; mode (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/667\"\u003e#667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/10da50c466709e7bd4b192dac96af0af46f8b7bd\"\u003e\u003ccode\u003e10da50c\u003c/code\u003e\u003c/a\u003e yarn up '*' \u0026amp;\u0026amp; yarn up -R '**' (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/666\"\u003e#666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/7.0.0...v9.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-uri` from 3.1.0 to 3.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fast-uri/releases\"\u003efast-uri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.2\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc\"\u003ehttps://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHandle malformed fragment decoding as a parse error by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/171\"\u003efastify/fast-uri#171\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2\"\u003ehttps://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6\"\u003ehttps://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump tsd from 0.32.0 to 0.33.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/148\"\u003efastify/fast-uri#148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/149\"\u003efastify/fast-uri#149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(.npmrc): ignore scripts by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/150\"\u003efastify/fast-uri#150\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): remove \u003ccode\u003e@​fastify/pre-commit\u003c/code\u003e by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/151\"\u003efastify/fast-uri#151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/152\"\u003efastify/fast-uri#152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): add concurrency config by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/153\"\u003efastify/fast-uri#153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/154\"\u003efastify/fast-uri#154\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/156\"\u003efastify/fast-uri#156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/159\"\u003efastify/fast-uri#159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estyle: remove trailing whitespace by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/161\"\u003efastify/fast-uri#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: remove unused github files by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/162\"\u003efastify/fast-uri#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update readme by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/164\"\u003efastify/fast-uri#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-manager.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/165\"\u003efastify/fast-uri#165\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/166\"\u003efastify/fast-uri#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/167\"\u003efastify/fast-uri#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/169\"\u003efastify/fast-uri#169\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/162\"\u003efastify/fast-uri#162\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.1\"\u003ehttps://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/919dd8ea7689fcc220d0d9b71307f5095e723ef9\"\u003e\u003ccode\u003e919dd8e\u003c/code\u003e\u003c/a\u003e Bumped v3.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/c65ba573714af6b8e19e481d9444c27bc4355d07\"\u003e\u003ccode\u003ec65ba57\u003c/code\u003e\u003c/a\u003e fixup: linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/6c86c17c3d76fb93aa3700ec6c0fa00faeb97293\"\u003e\u003ccode\u003e6c86c17\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/a95158ad308df4d92bbde4eba699ce5165e9f796\"\u003e\u003ccode\u003ea95158a\u003c/code\u003e\u003c/a\u003e Handle malformed fragment decoding without throwing (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/171\"\u003e#171\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/cea547c91c6aae610041b17b75792ca4aa035a6d\"\u003e\u003ccode\u003ecea547c\u003c/code\u003e\u003c/a\u003e Bumped v3.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/876ce79b662c3e5015e4e7dffe6f37752ad34f35\"\u003e\u003ccode\u003e876ce79\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/dcdf690b71a7bb3a19887ada65a9ab160d83bcc0\"\u003e\u003ccode\u003edcdf690\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/169\"\u003e#169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/c860e6589b1ac346f66e114b4eadb9613768108c\"\u003e\u003ccode\u003ec860e65\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/167\"\u003e#167\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/9b4c6dc82fde0ca44e674403ece9185d85bb6d5f\"\u003e\u003ccode\u003e9b4c6dc\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/166\"\u003e#166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/85d09a9f7aa76b32c2bb005a90a71e144c361d24\"\u003e\u003ccode\u003e85d09a9\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-mana...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.3 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `immutable` from 5.1.3 to 5.1.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/immutable-js/immutable-js/releases\"\u003eimmutable's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.1.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable\u003c/li\u003e\n\u003cli\u003eUpgrade devtools and use immutable version by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2158\"\u003eimmutable-js/immutable-js#2158\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/immutable-js/immutable-js/compare/v5.1.4...v5.1.5\"\u003ehttps://github.com/immutable-js/immutable-js/compare/v5.1.4...v5.1.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.1.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate some files to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2125\"\u003eimmutable-js/immutable-js#2125\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eIterator.ts\u003c/li\u003e\n\u003cli\u003ePairSorting.ts\u003c/li\u003e\n\u003cli\u003etoJS.ts\u003c/li\u003e\n\u003cli\u003eMath.ts\u003c/li\u003e\n\u003cli\u003eHash.ts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eExtract CollectionHelperMethods and convert to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2131\"\u003eimmutable-js/immutable-js#2131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse npm \u003ca href=\"https://docs.npmjs.com/trusted-publishers\"\u003etrusted publishing only\u003c/a\u003e to avoid token stealing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix/a11y issues by \u003ca href=\"https://github.com/lyannel\"\u003e\u003ccode\u003e@​lyannel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2136\"\u003eimmutable-js/immutable-js#2136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDoc add Map.get signature update by \u003ca href=\"https://github.com/borracciaBlu\"\u003e\u003ccode\u003e@​borracciaBlu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2138\"\u003eimmutable-js/immutable-js#2138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(doc):minor-issues#2132 by \u003ca href=\"https://github.com/JayMeDotDot\"\u003e\u003ccode\u003e@​JayMeDotDot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2133\"\u003eimmutable-js/immutable-js#2133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix algolia search by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2135\"\u003eimmutable-js/immutable-js#2135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTypo in OrderedMap by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2144\"\u003eimmutable-js/immutable-js#2144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: Sort all imports and activate eslint import rule by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2119\"\u003eimmutable-js/immutable-js#2119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/JayMeDotDot\"\u003e\u003ccode\u003e@​JayMeDotDot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2133\"\u003eimmutable-js/immutable-js#2133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lyannel\"\u003e\u003ccode\u003e@​lyannel\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2136\"\u003eimmutable-js/immutable-js#2136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/borracciaBlu\"\u003e\u003ccode\u003e@​borracciaBlu\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2138\"\u003eimmutable-js/immutable-js#2138\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/immutable-js/immutable-js/compare/v5.1.3...v5.1.4\"\u003ehttps://github.com/immutable-js/immutable-js/compare/v5.1.3...v5.1.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/immutable-js/immutable-js/blob/main/CHANGELOG.md\"\u003eimmutable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate some files to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2125\"\u003eimmutable-js/immutable-js#2125\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eIterator.ts\u003c/li\u003e\n\u003cli\u003ePairSorting.ts\u003c/li\u003e\n\u003cli\u003etoJS.ts\u003c/li\u003e\n\u003cli\u003eMath.ts\u003c/li\u003e\n\u003cli\u003eHash.ts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eExtract CollectionHelperMethods and convert to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2131\"\u003eimmutable-js/immutable-js#2131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse npm \u003ca href=\"https://docs.npmjs.com/trusted-publishers\"\u003etrusted publishing only\u003c/a\u003e to avoid token stealing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix/a11y issues by \u003ca href=\"https://github.com/lyannel\"\u003e\u003ccode\u003e@​lyannel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2136\"\u003eimmutable-js/immutable-js#2136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDoc add Map.get signature update by \u003ca href=\"https://github.com/borracciaBlu\"\u003e\u003ccode\u003e@​borracciaBlu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2138\"\u003eimmutable-js/immutable-js#2138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(doc):minor-issues#2132 by \u003ca href=\"https://github.com/JayMeDotDot\"\u003e\u003ccode\u003e@​JayMeDotDot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2133\"\u003eimmutable-js/immutable-js#2133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix algolia search by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2135\"\u003eimmutable-js/immutable-js#2135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTypo in OrderedMap by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2144\"\u003eimmutable-js/immutable-js#2144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: Sort all imports and activate eslint import rule by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2119\"\u003eimmutable-js/immutable-js#2119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/b37b85568632227751ddc8a16034cacc0f42b652\"\u003e\u003ccode\u003eb37b855\u003c/code\u003e\u003c/a\u003e 5.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/16b3313fdf2c5f579f10799e22869f6909abf945\"\u003e\u003ccode\u003e16b3313\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/fd2ef4977ee654c5bf26368dbf2f983c8d679bd6\"\u003e\u003ccode\u003efd2ef49\u003c/code\u003e\u003c/a\u003e fix new proto key injection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/6734b7b2af7e9dadf517eb9473cc64d2dfe2e301\"\u003e\u003ccode\u003e6734b7b\u003c/code\u003e\u003c/a\u003e fix Prototype Pollution in mergeDeep, toJS, etc.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/6f772de1e44dcde14128e48d19081a7a077f2162\"\u003e\u003ccode\u003e6f772de\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/2175\"\u003e#2175\u003c/a\u003e from immutable-js/dependabot/npm_and_yarn/rollup-4.59.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/5f3dc61fd0e231654f04a850b8764e7e864c54b3\"\u003e\u003ccode\u003e5f3dc61\u003c/code\u003e\u003c/a\u003e Bump rollup from 4.34.8 to 4.59.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/049a594410962c13dfd0f2d0bf0ef2154271079e\"\u003e\u003ccode\u003e049a594\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/2173\"\u003e#2173\u003c/a\u003e from immutable-js/dependabot/npm_and_yarn/lodash-4.1...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/2481a77331122eea4ace8afd4842042c6ae7510c\"\u003e\u003ccode\u003e2481a77\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/2172\"\u003e#2172\u003c/a\u003e from mrazauskas/update-tstyche\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/eb047790b44dac8e5ace49529a5c9928edfc8e12\"\u003e\u003ccode\u003eeb04779\u003c/code\u003e\u003c/a\u003e Bump lodash from 4.17.21 to 4.17.23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/b973bf3b6242c9966143169825e1e14248c07c31\"\u003e\u003ccode\u003eb973bf3\u003c/code\u003e\u003c/a\u003e format\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/immutable-js/immutable-js/compare/v5.1.3...v5.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for immutable since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ereplacer\u003c/code\u003e option (similar to option in JSON.stringify), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/339\"\u003e#339\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom \u003ccode\u003eTag\u003c/code\u003e can now handle all tags or multiple tags with the same prefix, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/385\"\u003e#385\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/2cef47bebf60da141b78b085f3dea3b5733dcc12\"\u003e\u003ccode\u003e2cef47b\u003c/code\u003e\u003c/a\u003e 4.1.0 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/810b149ce2d475109722474d91118f0671b15e20\"\u003e\u003ccode\u003e810b149\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/2b5620ed8f03ba0df319fe7710f6d7fd44811742\"\u003e\u003ccode\u003e2b5620e\u003c/code\u003e\u003c/a\u003e Export built-in types, type override now preserves order\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `markdown-it` from 14.1.0 to 14.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/markdown-it/markdown-it/blob/master/CHANGELOG.md\"\u003emarkdown-it's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[14.1.1] - 2026-01-11\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed regression from v13 in linkify inline rule. Specific patterns could\ncause high CPU use. Thanks to \u003ca href=\"https://github.com/ltduc147\"\u003e\u003ccode\u003e@​ltduc147\u003c/code\u003e\u003c/a\u003e for report.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/b4a9b659ef5734223731cfaa3ad5eacc6fc22918\"\u003e\u003ccode\u003eb4a9b65\u003c/code\u003e\u003c/a\u003e 14.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/4b4bbcae5e0990a5b172378e507b33a59012ed26\"\u003e\u003ccode\u003e4b4bbca\u003c/code\u003e\u003c/a\u003e Fixed perf regression in linkify-it wrapper\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/d2782d892a51201b25d3eeab172201ad5a53a24c\"\u003e\u003ccode\u003ed2782d8\u003c/code\u003e\u003c/a\u003e Add supplementary example-driven documentation (\u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1092\"\u003e#1092\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/markdown-it/markdown-it/compare/14.1.0...14.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 9.0.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/minimatch/blob/main/changelog.md\"\u003eminimatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echange log\u003c/h1\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003ebraceExpandMax\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003emagicalBraces\u003c/code\u003e option for \u003ccode\u003eescape\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003emakeRe\u003c/code\u003e when \u003ccode\u003epartial: true\u003c/code\u003e is set.\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003emakeRe\u003c/code\u003e when pattern ends in a final \u003ccode\u003e**\u003c/code\u003e path part.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRequire node 20 or 22 and higher\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo default export, only named exports.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRecursive descent parser for extglob, allowing correct support\nfor arbitrarily nested extglob expressions\u003c/li\u003e\n\u003cli\u003eBump required Node.js version\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eescape()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eunescape()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eMinimatch.hasMagic()\u003c/code\u003e method\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for posix character classes in a unicode-aware way.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003ewindowsNoMagicRoot\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eoptimizationLevel\u003c/code\u003e configuration option, and revert the\ndefault back to the 6.2 style minimal optimizations, making the\nadvanced transforms introduced in 7.0 opt-in. Also, process\nprovided file paths in the same way in optimizationLevel:2\nmode, so \u003cem\u003emost\u003c/em\u003e things that matched with optimizationLevel 1 or\n0 \u003cem\u003eshould\u003c/em\u003e match with level 2 as well. However, level 1 is the\ndefault, out of an abundance of caution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e....\n\n_Description has been truncated_","html_url":"https://github.com/fat-fuzzy/rocks/pull/996","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/fat-fuzzy%2Frocks/issues/996","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/996/packages"},{"uuid":"4443364718","node_id":"PR_kwDOSE0U887bY28v","number":13,"state":"open","title":"build(deps): bump cookie and lighthouse in /gordon-ramsay-reservations","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-14T05:14:00.000Z","updated_at":"2026-05-14T05:15:45.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"cookie","repository_url":"https://github.com/jshttp/cookie","old_version":"0.4.2","new_version":"1.1.1"},{"name":"lighthouse","repository_url":"https://github.com/GoogleChrome/lighthouse","old_version":"11.7.1","new_version":"13.3.0"}],"path":"/gordon-ramsay-reservations","ecosystem":"npm"},"body":"Bumps [cookie](https://github.com/jshttp/cookie) to 1.1.1 and updates ancestor dependency [lighthouse](https://github.com/GoogleChrome/lighthouse). These dependencies need to be updated together.\n\nUpdates `cookie` from 0.4.2 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOverwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)  c66147c\n\u003cul\u003e\n\u003cli\u003eWhen \u003ccode\u003evalue\u003c/code\u003e was provided in \u003ccode\u003eserialize(key, value, { value })\u003c/code\u003e the value in \u003ccode\u003eoptions\u003c/code\u003e was used instead of the value passed as an argument\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003estringifyCookie\u003c/code\u003e and \u003ccode\u003eparseSetCookie\u003c/code\u003e methods (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/214\"\u003e#214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename existing methods for clarity (old method names remain for backward compatibility)\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eparse\u003c/code\u003e → \u003ccode\u003eparseCookie\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eserialize\u003c/code\u003e → \u003ccode\u003estringifySetCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)  00b0327\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLoosen cookie name/value validation (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: \u003ccode\u003eoptions.priority\u003c/code\u003e used incorrect fallback (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/207\"\u003e#207\u003c/a\u003e) by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd import example to README (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/190\"\u003e#190\u003c/a\u003e) by \u003ca href=\"https://github.com/isnifer\"\u003e\u003ccode\u003e@​isnifer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow case insensitive options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/194\"\u003e#194\u003c/a\u003e)  3bed080\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse modern JS features, ship TypeScript definition (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/175\"\u003e#175\u003c/a\u003e)  1cc64ff\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003e__esModule\u003c/code\u003e marker, imports need to use \u003ccode\u003eimport { parse, serialize }\u003c/code\u003e or \u003ccode\u003eimport * as cookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eMinimum node.js v18\u003c/li\u003e\n\u003cli\u003eUses null prototype object for \u003ccode\u003eparse\u003c/code\u003e return value\u003c/li\u003e\n\u003cli\u003eChanges \u003ccode\u003estrict\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e to match the lower case strings (i.e. \u003ccode\u003elow\u003c/code\u003e, not \u003ccode\u003eLOW\u003c/code\u003e or \u003ccode\u003eLow\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/1b89eec4e33256ac31962f4c0d6e711fff478803\"\u003e\u003ccode\u003e1b89eec\u003c/code\u003e\u003c/a\u003e 1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/c66147c053c74b256287aa7c0a4e63082d786fb2\"\u003e\u003ccode\u003ec66147c\u003c/code\u003e\u003c/a\u003e Overwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/09cec9fd32aa777ddbf51a115c53f30728eccfbc\"\u003e\u003ccode\u003e09cec9f\u003c/code\u003e\u003c/a\u003e 1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/05ebd34fd5a1cdad950f68fc7429cade7dfd6997\"\u003e\u003ccode\u003e05ebd34\u003c/code\u003e\u003c/a\u003e Add tests for parsing top sites (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6214eaf968d60681f3f7fe76797270332c3569c9\"\u003e\u003ccode\u003e6214eaf\u003c/code\u003e\u003c/a\u003e Add benchmark for \u003ccode\u003eparseSetCookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/247\"\u003e#247\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/71798d72650df42288f74e5ab49b65ec44df74fe\"\u003e\u003ccode\u003e71798d7\u003c/code\u003e\u003c/a\u003e Fix skip over of boolean attributes (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e41cf10c88b45893141f2ee2dc98b23bdb57f24\"\u003e\u003ccode\u003e9e41cf1\u003c/code\u003e\u003c/a\u003e build(deps): bump the npm_and_yarn group across 1 directory with 4 updates (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6fea50679a97f65b5d6e3d291b2dad5816fcfddc\"\u003e\u003ccode\u003e6fea506\u003c/code\u003e\u003c/a\u003e Add parse method for \u003ccode\u003eset-cookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/00b032721c4dc9aeb7d3814ce790eadb4ebde59b\"\u003e\u003ccode\u003e00b0327\u003c/code\u003e\u003c/a\u003e Add side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/94586de038f16960cd5eb91ee499313734b02ab7\"\u003e\u003ccode\u003e94586de\u003c/code\u003e\u003c/a\u003e feat: remove dependabot from repo (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/242\"\u003e#242\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.4.2...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lighthouse` from 11.7.1 to 13.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/GoogleChrome/lighthouse/releases\"\u003elighthouse's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev13.3.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/compare/v13.2.0...v13.3.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe expect this release to ship in the DevTools of \u003ca href=\"https://chromiumdash.appspot.com/schedule\"\u003eChrome 150\u003c/a\u003e, and to PageSpeed Insights within 2 weeks.\u003c/p\u003e\n\u003ch2\u003eNotable Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew agentic browsing category added to default config (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/17002\"\u003e#17002\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eCore\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eagentic-web: add links to category and audit descriptions (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16997\"\u003e#16997\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ellms-txt: adjust titles and descriptions and add smoketests (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/17005\"\u003e#17005\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDeps\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade dependencies (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/17006\"\u003e#17006\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eTests\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esmoke: widen byte efficiency wastedBytes range for ToT (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16996\"\u003e#16996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ewebmcp: add webmcp smoketests (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16999\"\u003e#16999\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebundle: update build-bundle-mcp (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16995\"\u003e#16995\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/compare/v13.1.0...v13.2.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe expect this release to ship in the DevTools of \u003ca href=\"https://chromiumdash.appspot.com/schedule\"\u003eChrome 150\u003c/a\u003e, and to PageSpeed Insights within 2 weeks.\u003c/p\u003e\n\u003ch2\u003eNew contributors\u003c/h2\u003e\n\u003cp\u003eThanks to our new contributors 👽🐷🐰🐯🐻!\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003educky-duke \u003ca href=\"https://github.com/ducky-duke\"\u003e\u003ccode\u003e@​ducky-duke\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimon Zünd \u003ca href=\"https://github.com/szuend\"\u003e\u003ccode\u003e@​szuend\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Audits\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ewebmcp-form-coverage: add audit for missing webmcp tool annotations (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16964\"\u003e#16964\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ewebmcp-registered-tools: add audit to list registered webmcp tools (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16959\"\u003e#16959\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ewebmcp-schema-validity: add audit to check WebMCP schema issues (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16973\"\u003e#16973\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eCore\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eimplement UKM Invalidate fallback for LCP (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16956\"\u003e#16956\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eagentic: add new agentic browsing category (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16953\"\u003e#16953\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/GoogleChrome/lighthouse/blob/main/changelog.md\"\u003elighthouse's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e13.3.0 (2026-05-07)\u003c/h1\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/compare/v13.2.0...v13.3.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe expect this release to ship in the DevTools of \u003ca href=\"https://chromiumdash.appspot.com/schedule\"\u003eChrome 150\u003c/a\u003e, and to PageSpeed Insights within 2 weeks.\u003c/p\u003e\n\u003ch2\u003eNotable Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew agentic browsing category added to default config (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/17002\"\u003e#17002\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eCore\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eagentic-web: add links to category and audit descriptions (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16997\"\u003e#16997\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ellms-txt: adjust titles and descriptions and add smoketests (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/17005\"\u003e#17005\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDeps\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade dependencies (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/17006\"\u003e#17006\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eTests\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esmoke: widen byte efficiency wastedBytes range for ToT (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16996\"\u003e#16996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ewebmcp: add webmcp smoketests (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16999\"\u003e#16999\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebundle: update build-bundle-mcp (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16995\"\u003e#16995\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e13.2.0 (2026-04-30)\u003c/h1\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/compare/v13.1.0...v13.2.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe expect this release to ship in the DevTools of \u003ca href=\"https://chromiumdash.appspot.com/schedule\"\u003eChrome 150\u003c/a\u003e, and to PageSpeed Insights within 2 weeks.\u003c/p\u003e\n\u003ch2\u003eNew contributors\u003c/h2\u003e\n\u003cp\u003eThanks to our new contributors 👽🐷🐰🐯🐻!\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003educky-duke \u003ca href=\"https://github.com/ducky-duke\"\u003e\u003ccode\u003e@​ducky-duke\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimon Zünd \u003ca href=\"https://github.com/szuend\"\u003e\u003ccode\u003e@​szuend\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Audits\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ewebmcp-form-coverage: add audit for missing webmcp tool annotations (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16964\"\u003e#16964\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ewebmcp-registered-tools: add audit to list registered webmcp tools (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16959\"\u003e#16959\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ewebmcp-schema-validity: add audit to check WebMCP schema issues (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16973\"\u003e#16973\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eCore\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eimplement UKM Invalidate fallback for LCP (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16956\"\u003e#16956\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eagentic: add new agentic browsing category (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16953\"\u003e#16953\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/commit/7d8dcf5004950cad3faa20664e4a7cf2817bd653\"\u003e\u003ccode\u003e7d8dcf5\u003c/code\u003e\u003c/a\u003e v13.3.0 (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/issues/17008\"\u003e#17008\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/commit/f1460505034cb8c542fd09847a87e20cbf6f31b2\"\u003e\u003ccode\u003ef146050\u003c/code\u003e\u003c/a\u003e deps: upgrade dependencies (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/issues/17006\"\u003e#17006\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/commit/ec66b4af8424d43901f956f3070aca1aa1e4c03b\"\u003e\u003ccode\u003eec66b4a\u003c/code\u003e\u003c/a\u003e core(llms-txt): adjust titles and descriptions and add smoketests (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/issues/17005\"\u003e#17005\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/commit/147d04cee1546d6ce93416495a3750e929224552\"\u003e\u003ccode\u003e147d04c\u003c/code\u003e\u003c/a\u003e tests(webmcp): add webmcp smoketests (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/issues/16999\"\u003e#16999\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/commit/e120fadb6f58a31fb0cdebd30cd97aa9ab3c9c8f\"\u003e\u003ccode\u003ee120fad\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;clients(devtools): include agentic browsing config in devtools entry\u0026quot;...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/commit/e796f1b6a790cb7af5ee9dae63fc495f386c3ba9\"\u003e\u003ccode\u003ee796f1b\u003c/code\u003e\u003c/a\u003e core(agentic browsing): add agentic browsing category to default config (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/issues/17002\"\u003e#17002\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/commit/e148cc6b9d6668aa878caac66b0f3dd14261e939\"\u003e\u003ccode\u003ee148cc6\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;clients(devtools): include agentic browsing config in devtools entry\u0026quot;...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/commit/081b1f26d31ea0d62550eea92f0d385e732b77d7\"\u003e\u003ccode\u003e081b1f2\u003c/code\u003e\u003c/a\u003e clients(devtools): include agentic browsing config in devtools entry (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/issues/16998\"\u003e#16998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/commit/7db9ab8299dc1fceef6aa535075e232cf90bcb37\"\u003e\u003ccode\u003e7db9ab8\u003c/code\u003e\u003c/a\u003e core(agentic-web): add links to category and audit descriptions (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/issues/16997\"\u003e#16997\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/commit/8c6a64e0776bd97f2dd1603b8fd0581a5a2c8b56\"\u003e\u003ccode\u003e8c6a64e\u003c/code\u003e\u003c/a\u003e misc(bundle): update build-bundle-mcp (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/issues/16995\"\u003e#16995\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/GoogleChrome/lighthouse/compare/v11.7.1...v13.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~lusayaa\"\u003elusayaa\u003c/a\u003e, a new releaser for lighthouse since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Qdreon/Gordon-Ramsay-Restaurant-Reservation-System/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Qdreon/Gordon-Ramsay-Restaurant-Reservation-System/pull/13","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Qdreon%2FGordon-Ramsay-Restaurant-Reservation-System/issues/13","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/13/packages"}],"issue_packages":[{"old_version":"0.4.1","new_version":"0.7.2","update_type":"minor","path":null,"pr_created_at":"2026-05-26T09:10:49.000Z","version_change":"0.4.1 → 0.7.2","issue":{"uuid":"4522954470","node_id":"PR_kwDOGxPQGc7fWCwC","number":6,"state":"open","title":"Bump the npm_and_yarn group across 1 directory with 31 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-26T09:10:49.000Z","updated_at":"2026-05-26T09:17:29.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":31,"packages":[{"name":"swiper","old_version":"8.0.2","new_version":"12.1.2","repository_url":"https://github.com/nolimits4web/Swiper"},{"name":"postcss","old_version":"8.4.6","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"@babel/helpers","old_version":"7.16.7","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"@babel/plugin-transform-modules-systemjs","old_version":"7.16.7","new_version":"7.29.7","repository_url":"https://github.com/babel/babel"},{"name":"js-yaml","old_version":"3.14.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"ajv","old_version":"6.12.6","new_version":"6.15.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"ajv","old_version":"8.9.0","new_version":"8.20.0","repository_url":"https://github.com/ajv-validator/ajv"},{"name":"axios","old_version":"0.21.4","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"brace-expansion","old_version":"1.1.11","new_version":"1.1.15","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"cookie","old_version":"0.4.1","new_version":"0.7.2","repository_url":"https://github.com/jshttp/cookie"},{"name":"express","old_version":"4.17.2","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"cross-spawn","old_version":"7.0.3","new_version":"7.0.6","repository_url":"https://github.com/moxystudio/node-cross-spawn"},{"name":"ejs","old_version":"3.1.6","new_version":"3.1.10","repository_url":"https://github.com/mde/ejs"},{"name":"flatted","old_version":"3.2.5","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"form-data","old_version":"3.0.1","new_version":"3.0.4","repository_url":"https://github.com/form-data/form-data"},{"name":"http-proxy-middleware","old_version":"2.0.2","new_version":"2.0.9","repository_url":"https://github.com/chimurai/http-proxy-middleware"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"},{"name":"minimatch","old_version":"3.0.4","new_version":"3.1.5","repository_url":"https://github.com/isaacs/minimatch"},{"name":"node-forge","old_version":"1.2.1","new_version":"1.4.0","repository_url":"https://github.com/digitalbazaar/forge"},{"name":"on-headers","old_version":"1.0.2","new_version":"1.1.0","repository_url":"https://github.com/jshttp/on-headers"},{"name":"picomatch","old_version":"2.3.1","new_version":"2.3.2","repository_url":"https://github.com/micromatch/picomatch"},{"name":"react-router","old_version":"6.2.1","new_version":"6.30.3","repository_url":"https://github.com/remix-run/react-router"},{"name":"rollup","old_version":"2.66.1","new_version":"2.80.0","repository_url":"https://github.com/rollup/rollup"},{"name":"webpack","old_version":"5.68.0","new_version":"5.107.2","repository_url":"https://github.com/webpack/webpack"},{"name":"ws","old_version":"8.4.2","new_version":"8.21.0","repository_url":"https://github.com/websockets/ws"},{"name":"ws","old_version":"7.5.6","new_version":"7.5.11","repository_url":"https://github.com/websockets/ws"},{"name":"yaml","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/eemeli/yaml"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 25 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [swiper](https://github.com/nolimits4web/Swiper) | `8.0.2` | `12.1.2` |\n| [postcss](https://github.com/postcss/postcss) | `8.4.6` | `8.5.10` |\n| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.16.7` | `7.29.7` |\n| [@babel/plugin-transform-modules-systemjs](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs) | `7.16.7` | `7.29.7` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.14.2` |\n| [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` |\n| [ajv](https://github.com/ajv-validator/ajv) | `8.9.0` | `8.20.0` |\n| [axios](https://github.com/axios/axios) | `0.21.4` | `1.16.1` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.15` |\n| [cookie](https://github.com/jshttp/cookie) | `0.4.1` | `0.7.2` |\n| [express](https://github.com/expressjs/express) | `4.17.2` | `4.22.2` |\n| [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` |\n| [ejs](https://github.com/mde/ejs) | `3.1.6` | `3.1.10` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.5` | `3.4.2` |\n| [form-data](https://github.com/form-data/form-data) | `3.0.1` | `3.0.4` |\n| [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.2` | `2.0.9` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.21` | `4.18.1` |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |\n| [node-forge](https://github.com/digitalbazaar/forge) | `1.2.1` | `1.4.0` |\n| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |\n| [picomatch](https://github.com/micromatch/picomatch) | `2.3.1` | `2.3.2` |\n| [react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router) | `6.2.1` | `6.30.3` |\n| [rollup](https://github.com/rollup/rollup) | `2.66.1` | `2.80.0` |\n| [webpack](https://github.com/webpack/webpack) | `5.68.0` | `5.107.2` |\n| [ws](https://github.com/websockets/ws) | `8.4.2` | `8.21.0` |\n| [ws](https://github.com/websockets/ws) | `7.5.6` | `7.5.11` |\n| [yaml](https://github.com/eemeli/yaml) | `1.10.2` | `1.10.3` |\n\n\nUpdates `swiper` from 8.0.2 to 12.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nolimits4web/Swiper/releases\"\u003eswiper's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev12.1.2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev12.1.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ea11y:\u003c/strong\u003e fix focus in virtual mode enabled (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/30550088fd089600aec2d7f8924b88cff13abbe9\"\u003e3055008\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8147\"\u003e#8147\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e avoid double-subtracting offsets in centerInsufficientSlides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8158\"\u003e#8158\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/60b005222a801029a4a00d319517028afba7af18\"\u003e60b0052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e prevent duplicate module initialization in constructor (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8155\"\u003e#8155\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8156\"\u003e#8156\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/07738a233b70535c36126c5b579f2bb40049da6c\"\u003e07738a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e support boolean as a11y value (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8157\"\u003e#8157\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/6bf76d573196c61db1328350c11e2c44f5d3ec08\"\u003e6bf76d5\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.1.0\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eautoplay:\u003c/strong\u003e broken custom delay percentages with pause/resume (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8133\"\u003e#8133\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/0afecde9781268a60a92f752ea3a3a92420e2dcf\"\u003e0afecde\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Don't use \u003ccode\u003edata-swiper-slide-index\u003c/code\u003e for \u003ccode\u003erealIndex\u003c/code\u003e when virtual module is enabled (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8142\"\u003e#8142\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/bd957f8396f711b83dc1bc6b3d42a59e6d6539d2\"\u003ebd957f8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Escape all CSS selector special characters (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/d35f41a85bd1793de58358d06300440e09187a6d\"\u003ed35f41a\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8135\"\u003e#8135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e support slidesOffsetBefore and slidesOffsetAfert in cssMode (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/45b98d02b2235b0c425f8bd60ebdc04d7b1a4fbd\"\u003e45b98d0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/7926\"\u003e#7926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix lazy preloader removal error in react in vue (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/332f5c77005921c8a260f199cdfe6d3aa5d209a1\"\u003e332f5c7\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8149\"\u003e#8149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ethumbs:\u003c/strong\u003e update slide classes on virtual swiper update (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8141\"\u003e#8141\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/975277111b73f389043cb0ed19feee0244a80f57\"\u003e9752771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e Add \u003ccode\u003eautoScroll\u003c/code\u003e to \u003ccode\u003ethumbs.update\u003c/code\u003e type signature (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8146\"\u003e#8146\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/5d91e6edb4ce35d70019616b51f1e380feb9a082\"\u003e5d91e6e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ezoom:\u003c/strong\u003e initialize gesture state after programmatic zoom (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8112\"\u003e#8112\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/71e9511802c34482bc8b66abda19a1a518d88d36\"\u003e71e9511\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ekeyboard:\u003c/strong\u003e add support for custom speed parameter in keyboard navigation (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8148\"\u003e#8148\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/7a4a0e5fc3c85710a37ab021328e083fc3b14e16\"\u003e7a4a0e5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003enew snapToSlideEdge parameter (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/de3131fbf72cccbf1d1473f787ddf15c74612584\"\u003ede3131f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8021\"\u003e#8021\u003c/a\u003e \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/4780\"\u003e#4780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.3\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eelement:\u003c/strong\u003e fixed reference to nav arrows SVG (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/0b17ecf56bf941e4a5da2a2c171d5e16a9e4552b\"\u003e0b17ecf\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8115\"\u003e#8115\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e add 'getRotateFix' export to effect utils (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/c97ae5d0069cf3d5c745efb63ced9924a64d2453\"\u003ec97ae5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8114\"\u003e#8114\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.2\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003enavigation:\u003c/strong\u003e add styles for when buttons set before slider (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/4588c5719d4d828548c34f456de099f621f4c709\"\u003e4588c57\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8085\"\u003e#8085\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enavigation:\u003c/strong\u003e new \u003ccode\u003eaddIcons\u003c/code\u003e parameter to add SVG icons to nav buttons (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/b955b0c15c3b813bbda7a68cdd250f8a822015df\"\u003eb955b0c\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8088\"\u003e#8088\u003c/a\u003e \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8087\"\u003e#8087\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003enavigation:\u003c/strong\u003e tweak nav styles when adjacent (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/98440d9621c2b06c1c45edf8f4103ce5125e8231\"\u003e98440d9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev12.0.0\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nolimits4web/swiper/blob/master/CHANGELOG.md\"\u003eswiper's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.1.3...v12.1.4\"\u003e12.1.4\u003c/a\u003e (2026-04-29)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove redundant aria-disabled=false from swiper nav button (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8176\"\u003e#8176\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/673092978a54ee3aff82633dd50880011a2a362f\"\u003e6730929\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003epackage:\u003c/strong\u003e add TS declarations for CSS files (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/ea3081b8c5863b297a240a0698804121c9e6c118\"\u003eea3081b\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8055\"\u003e#8055\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ereact:\u003c/strong\u003e expose isFullyVisible in SwiperSlide render props (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8175\"\u003e#8175\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/3af0002acfc18a5ec450b3a2354d6187a64797e8\"\u003e3af0002\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.1.1...v12.1.3\"\u003e12.1.3\u003c/a\u003e (2026-03-24)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e use virtual slides count in onResize when virtual mode is enabled (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8163\"\u003e#8163\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/44000834d05ac339a9c4dfbaaa3f60c1a0631cff\"\u003e4400083\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003egrid:\u003c/strong\u003e round down \u003ccode\u003eslidesPerView\u003c/code\u003e before calculating number of slides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8172\"\u003e#8172\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/49a55ab2c89c63679cdd21d389ec7ef9d9d375f4\"\u003e49a55ab\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eelement:\u003c/strong\u003e add navigation button slots (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/cc8224177d5f577b672e37b9386f7388d71ba3c3\"\u003ecc82241\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.1.0...v12.1.1\"\u003e12.1.1\u003c/a\u003e (2026-02-13)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ea11y:\u003c/strong\u003e fix focus in virtual mode enabled (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/30550088fd089600aec2d7f8924b88cff13abbe9\"\u003e3055008\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8147\"\u003e#8147\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e avoid double-subtracting offsets in centerInsufficientSlides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8158\"\u003e#8158\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/60b005222a801029a4a00d319517028afba7af18\"\u003e60b0052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e prevent duplicate module initialization in constructor (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8155\"\u003e#8155\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8156\"\u003e#8156\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/07738a233b70535c36126c5b579f2bb40049da6c\"\u003e07738a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e support boolean as a11y value (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8157\"\u003e#8157\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/6bf76d573196c61db1328350c11e2c44f5d3ec08\"\u003e6bf76d5\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v12.0.3...v12.1.0\"\u003e12.1.0\u003c/a\u003e (2026-01-28)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eautoplay:\u003c/strong\u003e broken custom delay percentages with pause/resume (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8133\"\u003e#8133\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/0afecde9781268a60a92f752ea3a3a92420e2dcf\"\u003e0afecde\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Don't use \u003ccode\u003edata-swiper-slide-index\u003c/code\u003e for \u003ccode\u003erealIndex\u003c/code\u003e when virtual module is enabled (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8142\"\u003e#8142\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/bd957f8396f711b83dc1bc6b3d42a59e6d6539d2\"\u003ebd957f8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e Escape all CSS selector special characters (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/d35f41a85bd1793de58358d06300440e09187a6d\"\u003ed35f41a\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8135\"\u003e#8135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecore:\u003c/strong\u003e support slidesOffsetBefore and slidesOffsetAfert in cssMode (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/45b98d02b2235b0c425f8bd60ebdc04d7b1a4fbd\"\u003e45b98d0\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/7926\"\u003e#7926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix lazy preloader removal error in react in vue (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/332f5c77005921c8a260f199cdfe6d3aa5d209a1\"\u003e332f5c7\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8149\"\u003e#8149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ethumbs:\u003c/strong\u003e update slide classes on virtual swiper update (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8141\"\u003e#8141\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/975277111b73f389043cb0ed19feee0244a80f57\"\u003e9752771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e Add \u003ccode\u003eautoScroll\u003c/code\u003e to \u003ccode\u003ethumbs.update\u003c/code\u003e type signature (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8146\"\u003e#8146\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/5d91e6edb4ce35d70019616b51f1e380feb9a082\"\u003e5d91e6e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ezoom:\u003c/strong\u003e initialize gesture state after programmatic zoom (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8112\"\u003e#8112\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/71e9511802c34482bc8b66abda19a1a518d88d36\"\u003e71e9511\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ekeyboard:\u003c/strong\u003e add support for custom speed parameter in keyboard navigation (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8148\"\u003e#8148\u003c/a\u003e) (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/7a4a0e5fc3c85710a37ab021328e083fc3b14e16\"\u003e7a4a0e5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003enew snapToSlideEdge parameter (\u003ca href=\"https://github.com/nolimits4web/Swiper/commit/de3131fbf72cccbf1d1473f787ddf15c74612584\"\u003ede3131f\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8021\"\u003e#8021\u003c/a\u003e \u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/4780\"\u003e#4780\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/2fd88b718b6854e8d6be7f183e68b73b68dae816\"\u003e\u003ccode\u003e2fd88b7\u003c/code\u003e\u003c/a\u003e 12.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/d3e663322a13043ca63aaba235d8cf3900e0c8cf\"\u003e\u003ccode\u003ed3e6633\u003c/code\u003e\u003c/a\u003e fix prototype pollution bypass in extend() util\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/70c48c16f99affa29236ac13b16a37f43da38ae0\"\u003e\u003ccode\u003e70c48c1\u003c/code\u003e\u003c/a\u003e 12.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/30550088fd089600aec2d7f8924b88cff13abbe9\"\u003e\u003ccode\u003e3055008\u003c/code\u003e\u003c/a\u003e fix(a11y): fix focus in virtual mode enabled\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/60b005222a801029a4a00d319517028afba7af18\"\u003e\u003ccode\u003e60b0052\u003c/code\u003e\u003c/a\u003e fix(core): avoid double-subtracting offsets in centerInsufficientSlides (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8158\"\u003e#8158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/6bf76d573196c61db1328350c11e2c44f5d3ec08\"\u003e\u003ccode\u003e6bf76d5\u003c/code\u003e\u003c/a\u003e fix(types): support boolean as a11y value (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8157\"\u003e#8157\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/07738a233b70535c36126c5b579f2bb40049da6c\"\u003e\u003ccode\u003e07738a2\u003c/code\u003e\u003c/a\u003e fix(core): prevent duplicate module initialization in constructor (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8155\"\u003e#8155\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/nolimits4web/Swiper/issues/8\"\u003e#8\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/3a1777aa7aefe168eac330f308cedd8c3f4a81e4\"\u003e\u003ccode\u003e3a1777a\u003c/code\u003e\u003c/a\u003e 12.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/3bc6cfe55421053864f6f53494841959748f332a\"\u003e\u003ccode\u003e3bc6cfe\u003c/code\u003e\u003c/a\u003e 12.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nolimits4web/swiper/commit/45b98d02b2235b0c425f8bd60ebdc04d7b1a4fbd\"\u003e\u003ccode\u003e45b98d0\u003c/code\u003e\u003c/a\u003e fix(core): support slidesOffsetBefore and slidesOffsetAfert in cssMode\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nolimits4web/Swiper/compare/v8.0.2...v12.1.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.4.6 to 8.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003ePostCSS 8.5 brought API to work better with non-CSS sources like HTML, Vue.js/Svelte sources or CSS-in-JS.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e during \u003ca href=\"https://redirect.github.com/postcss/postcss/issues/1995\"\u003ehis work\u003c/a\u003e on \u003ca href=\"https://stylelint.io\"\u003eStylelint\u003c/a\u003e added \u003ccode\u003eInput#document\u003c/code\u003e in additional to \u003ccode\u003eInput#css\u003c/code\u003e.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eroot.source.input.document //=\u0026gt; \u0026quot;\u0026lt;p\u0026gt;Hello\u0026lt;/p\u0026gt;\r\n                           //    \u0026lt;style\u0026gt;\r\n                           //    p {\r\n                           //      color: green;\r\n                           //    }\r\n                           //    \u0026lt;/style\u0026gt;\u0026quot;\r\nroot.source.input.css      //=\u0026gt; \u0026quot;p {\r\n                           //      color: green;\r\n                           //    }\u0026quot;\r\n\u003cp\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eInput#document\u003c/code\u003e for sources like CSS-in-JS or HTML (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.4.49\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax without \u003ccode\u003esource.offset\u003c/code\u003e (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/33b9790263dc1562a46ce45d9532bd63e95b7986\"\u003e\u003ccode\u003e33b9790\u003c/code\u003e\u003c/a\u003e Release 8.5.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/536c79e4b01e58a3a56b09c3c0cf2323f4b9a28b\"\u003e\u003ccode\u003e536c79e\u003c/code\u003e\u003c/a\u003e Escape \u0026lt;/style\u0026gt; in CSS output (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2074\"\u003e#2074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/afa96b2a139ce625c4d27973313479c7c85f39d4\"\u003e\u003ccode\u003eafa96b2\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2073\"\u003e#2073\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/effe88bb87cabdc1876e02adbdd30f392f19f40d\"\u003e\u003ccode\u003eeffe88b\u003c/code\u003e\u003c/a\u003e Typo (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2072\"\u003e#2072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/3ee79a2c4a11e41d52db50b444eebe38299495ad\"\u003e\u003ccode\u003e3ee79a2\u003c/code\u003e\u003c/a\u003e Thread model (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/2e0683daca4dc2919211b03774f6b2d137136c01\"\u003e\u003ccode\u003e2e0683d\u003c/code\u003e\u003c/a\u003e Create incident response docs (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/fe88ac29c06b7b218be32994cdc6ca1525bdf2c9\"\u003e\u003ccode\u003efe88ac2\u003c/code\u003e\u003c/a\u003e Release 8.5.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/c551632496b87ab3f1965bfda5dc386b6c71963e\"\u003e\u003ccode\u003ec551632\u003c/code\u003e\u003c/a\u003e Avoid RegExp when we can use simple JS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/89a6b744060eb8dee743351c785a9fbe37d4525a\"\u003e\u003ccode\u003e89a6b74\u003c/code\u003e\u003c/a\u003e Move SECURITY.txt for docs folder to keep GitHub page cleaner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/6ceb8a46af9f9de821faee98f861bdf84617347b\"\u003e\u003ccode\u003e6ceb8a4\u003c/code\u003e\u003c/a\u003e Create SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.4.6...8.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/helpers` from 7.16.7 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/helpers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/37d5595fca9f188f0534458180611f2e776acd31\"\u003e\u003ccode\u003e37d5595\u003c/code\u003e\u003c/a\u003e v7.29.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/1c0a08d95ae7e1c788c7e1ae3a10ee53f7c86864\"\u003e\u003ccode\u003e1c0a08d\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Properly handle await in finally (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17805\"\u003e#17805\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c1b55f6ad56523ccc96fa68721de0bed2f2cdb23\"\u003e\u003ccode\u003ec1b55f6\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eeslint.config.mts\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17573\"\u003e#17573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/35055e392079a65830b7bf5b1d1c1fc4de90a78f\"\u003e\u003ccode\u003e35055e3\u003c/code\u003e\u003c/a\u003e v7.28.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/18d88b83c67c8dbbe63e4ac423e6006c4c01b85c\"\u003e\u003ccode\u003e18d88b8\u003c/code\u003e\u003c/a\u003e Improve \u003ccode\u003e@​babel/core\u003c/code\u003e typings (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17471\"\u003e#17471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/ef155f5ca83c73dbc1ea8d95216830b7dc3b0ac2\"\u003e\u003ccode\u003eef155f5\u003c/code\u003e\u003c/a\u003e v7.28.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/741cbd2381ac0cda3afd42bc04454a87d9d8762a\"\u003e\u003ccode\u003e741cbd2\u003c/code\u003e\u003c/a\u003e chore: fix various typos across codebase (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-helpers/issues/17476\"\u003e#17476\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-helpers\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/helpers\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/plugin-transform-modules-systemjs` from 7.16.7 to 7.29.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/plugin-transform-modules-systemjs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.7 (2026-05-25)\u003c/h2\u003e\n\u003cp\u003eRe-release all packages with npm provenance attestations\u003c/p\u003e\n\u003ch2\u003ev7.29.6 (2026-05-25)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18014\"\u003e#18014\u003c/a\u003e Catchup source map position in preserveFormat (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/18001\"\u003e#18001\u003c/a\u003e [7.x packport]Improve input source map handling (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-generator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17998\"\u003e#17998\u003c/a\u003e Preserve original identifier names from input sourcemaps (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17992\"\u003e#17992\u003c/a\u003e) (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 3\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMateusz Burzyński (\u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.5 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:house:  Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@babel/*\u003c/code\u003e dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.4 (2026-05-05)\u003c/h2\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-modules-systemjs\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17974\"\u003e#17974\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 1\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.29.3 (2026-04-30)\u003c/h2\u003e\n\u003ch4\u003e:eyeglasses: Spec Compliance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17923\"\u003e#17923\u003c/a\u003e Support flow extends bound (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-helper-create-class-features-plugin\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17931\"\u003e#17931\u003c/a\u003e fix(decorators): replace super within all removed static elements (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-register\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17915\"\u003e#17915\u003c/a\u003e Fix thread synchronization issues in \u003ccode\u003e@babel/register\u003c/code\u003e (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-compat-data\u003c/code\u003e, \u003ccode\u003ebabel-plugin-bugfix-safari-rest-destructuring-rhs-array\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17788\"\u003e#17788\u003c/a\u003e Add bugfix plugin for Safari array rest destructuring bug (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/4fba7541180bf5f58256d8e358b544e3831ad090\"\u003e\u003ccode\u003e4fba754\u003c/code\u003e\u003c/a\u003e v7.29.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a458f66074b97d54773db8159af673d23b26079b\"\u003e\u003ccode\u003ea458f66\u003c/code\u003e\u003c/a\u003e v7.29.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/32ebd5aaf2526ddd176fd6a3d1e3dc594abdc8d9\"\u003e\u003ccode\u003e32ebd5a\u003c/code\u003e\u003c/a\u003e [7.x backport]fix(systemjs): improve module string name support (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17974\"\u003e#17974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/0053db620c05acf0036f593b5aaf4e372daa79d0\"\u003e\u003ccode\u003e0053db6\u003c/code\u003e\u003c/a\u003e Update polyfill packages (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17727\"\u003e#17727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/61647ae2397c82c3c71f077b5ab109106a5cac0f\"\u003e\u003ccode\u003e61647ae\u003c/code\u003e\u003c/a\u003e v7.28.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a177d551adba99773f4ff00ea9bf46550def6132\"\u003e\u003ccode\u003ea177d55\u003c/code\u003e\u003c/a\u003e [Babel 8] Use \u003ccode\u003et.traverseFast\u003c/code\u003e to replace some \u003ccode\u003epath.traverse\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17518\"\u003e#17518\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/eebd3a06021c13d335b5b0bd79734df3abbea678\"\u003e\u003ccode\u003eeebd3a0\u003c/code\u003e\u003c/a\u003e v7.27.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/317e332e650bc04907bc787ab79f930288a3e71e\"\u003e\u003ccode\u003e317e332\u003c/code\u003e\u003c/a\u003e Enforce node protocol import (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17207\"\u003e#17207\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/fdc0fb59e119ee0b38bced63867a344a5b4bc2f3\"\u003e\u003ccode\u003efdc0fb5\u003c/code\u003e\u003c/a\u003e [Babel 8] Bump nodejs requirements to \u003ccode\u003e^20.19.0 || \u0026gt;= 22.12.0\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-modules-systemjs/issues/17204\"\u003e#17204\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.7/packages/babel-plugin-transform-modules-systemjs\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/plugin-transform-modules-systemjs\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 3.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[3.14.2] - 2025-11-15\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBackported v4.1.1 fix to v3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/9963d366dfbde0c69722452bcd40b41e7e4160a0\"\u003e\u003ccode\u003e9963d36\u003c/code\u003e\u003c/a\u003e 3.14.2 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/10d3c8e70a6888543f5cdb656bb39f73e0ea77c1\"\u003e\u003ccode\u003e10d3c8e\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/5278870a17454fe8621dbd8c445c412529525266\"\u003e\u003ccode\u003e5278870\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;) (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/731\"\u003e#731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 6.12.6 to 6.15.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ajv` from 8.9.0 to 8.20.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/184bc32745d9d33b2322949b9f3cb5f7609bf5ec\"\u003e\u003ccode\u003e184bc32\u003c/code\u003e\u003c/a\u003e 6.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/fea46afd1a76b12ff89493f6dc1bc46730c6d379\"\u003e\u003ccode\u003efea46af\u003c/code\u003e\u003c/a\u003e test/fix prototype pollution via $data ref with format keyword (\u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/2606\"\u003e#2606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/e3af0a723b4b7ad86eff43be355c706d31e0e915\"\u003e\u003ccode\u003ee3af0a7\u003c/code\u003e\u003c/a\u003e 6.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/b552ed66191eb338498df3196065c777e3bb71f2\"\u003e\u003ccode\u003eb552ed6\u003c/code\u003e\u003c/a\u003e add regExp option to address $data exploit via a regular expression (CVE-2025...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/72f228665859eed5e2be3a66f8c4a7aff6b34dcf\"\u003e\u003ccode\u003e72f2286\u003c/code\u003e\u003c/a\u003e docs: update v7 info\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/231e52b3bca62559202b95e5fb5cee02145b226a\"\u003e\u003ccode\u003e231e52b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/ajv-validator/ajv/issues/1320\"\u003e#1320\u003c/a\u003e from philsturgeon/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/d3475fc20416c33fe030c8aa3b09fa411f325bbd\"\u003e\u003ccode\u003ed3475fc\u003c/code\u003e\u003c/a\u003e Add spectral, an AJV util from a sponsor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/413afe01f518ea74d1740a7cb211df787c585544\"\u003e\u003ccode\u003e413afe0\u003c/code\u003e\u003c/a\u003e docs: v7.0.0-beta.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ajv-validator/ajv/commit/11e997bda2f3eecb445c1e5a07d96ef7e81c5f5d\"\u003e\u003ccode\u003e11e997b\u003c/code\u003e\u003c/a\u003e update readme for v7\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ajv-validator/ajv/compare/v6.12.6...v6.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 0.21.4 to 1.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/blob/v1.x/CHANGELOG.md\"\u003eaxios's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/tommyhgunz14\"\u003e\u003ccode\u003e@​tommyhgunz14\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/divyanshuraj1095\"\u003e\u003ccode\u003e@​divyanshuraj1095\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/sagodi97\"\u003e\u003ccode\u003e@​sagodi97\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/rkdfx\"\u003e\u003ccode\u003e@​rkdfx\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/Liuwei1125\"\u003e\u003ccode\u003e@​Liuwei1125\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/axios/axios/compare/v1.16.0...v1.16.1\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.16.0 — May 2, 2026\u003c/h2\u003e\n\u003cp\u003eThis release adds support for the QUERY HTTP method and a new \u003ccode\u003eECONNREFUSED\u003c/code\u003e error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.\u003c/p\u003e\n\u003ch2\u003e⚠️ Notable Changes\u003c/h2\u003e\n\u003cp\u003eA handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/1337d6b537afb2d3f501074c8ac4ef4308221197\"\u003e\u003ccode\u003e1337d6b\u003c/code\u003e\u003c/a\u003e chore(release): prepare release 1.16.1 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10877\"\u003e#10877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/858a790cec06054547d0d3f941916d6fb2a4d18e\"\u003e\u003ccode\u003e858a790\u003c/code\u003e\u003c/a\u003e fix: remove all caches (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/34adfd90efc9c145488399e1cf7fa96de67080fa\"\u003e\u003ccode\u003e34adfd9\u003c/code\u003e\u003c/a\u003e revert: \u0026quot;fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/847d89b43654405d9a231e0b669832c2092b621f\"\u003e\u003ccode\u003e847d89b\u003c/code\u003e\u003c/a\u003e fix: support URL object as config.url input (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/40948863677bb793bfff0293cce7e7b4f8a1b212\"\u003e\u003ccode\u003e4094886\u003c/code\u003e\u003c/a\u003e fix(progress): guard malformed XHR upload events (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/44f0c5bf73c45df6009365141faa394d73596bd7\"\u003e\u003ccode\u003e44f0c5b\u003c/code\u003e\u003c/a\u003e chore: change sponsorship link and add Twicsy advertisement (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/64e1095efedc64c9fecf5176bd9cf2e5e93140d6\"\u003e\u003ccode\u003e64e1095\u003c/code\u003e\u003c/a\u003e chore: update PR and issue template to use h2 (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10865\"\u003e#10865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/3e6b4e1f311b43aa1dc77d78150a601d9fe4b280\"\u003e\u003ccode\u003e3e6b4e1\u003c/code\u003e\u003c/a\u003e fix: error unexpected token in fetch JS compatibility issue with Webpack 4 (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/c4453bab70f53575175903aee60810c821f72129\"\u003e\u003ccode\u003ec4453ba\u003c/code\u003e\u003c/a\u003e fix: add the ability to add additional sponsors to the process sponsors scrip...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/axios/axios/commit/caa00a90b524bb67ed033474abcf4d8645ced793\"\u003e\u003ccode\u003ecaa00a9\u003c/code\u003e\u003c/a\u003e fix: https data in cleartext to proxy (\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/axios/axios/compare/v0.21.4...v1.16.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for axios since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.11 to 1.1.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)  0b09384\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.14...v1.1.15\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 1.x  c460dbd\u003c/li\u003e\n\u003cli\u003efmt  ccb8ac6\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  c3c73c8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/2203f4f4895eba16c4d408b4219ce1b8e5f6ff24\"\u003e\u003ccode\u003e2203f4f\u003c/code\u003e\u003c/a\u003e 1.1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/0b0938410732370559704230724ca4a44d1b29fd\"\u003e\u003ccode\u003e0b09384\u003c/code\u003e\u003c/a\u003e Backport v5.0.6 change to v1 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/10c05fcf3699b1a29ef5e611c011af3d3c97e6e3\"\u003e\u003ccode\u003e10c05fc\u003c/code\u003e\u003c/a\u003e 1.1.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1afa1b22ead12f6a7a02f25bf0f7d64c2439b007\"\u003e\u003ccode\u003e1afa1b2\u003c/code\u003e\u003c/a\u003e Add opt-in...\n\n_Description has been truncated_","html_url":"https://github.com/muhammadali1995/muck-23/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/muhammadali1995%2Fmuck-23/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"0.7.2","new_version":"1.1.1","update_type":"major","path":null,"pr_created_at":"2026-05-25T23:45:30.000Z","version_change":"0.7.2 → 1.1.1","issue":{"uuid":"4520161722","node_id":"PR_kwDOSb0Yws7fM90G","number":9,"state":"open","title":"Bump the production-dependencies group across 1 directory with 37 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T23:45:30.000Z","updated_at":"2026-05-25T23:48:42.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"production-dependencies","update_count":37,"packages":[{"name":"oxlint-tsgolint","old_version":"0.22.1","new_version":"0.23.0","repository_url":"https://github.com/oxc-project/tsgolint"},{"name":"fumadocs-core","old_version":"16.8.11","new_version":"16.9.1","repository_url":"https://github.com/fuma-nama/fumadocs"},{"name":"fumadocs-mdx","old_version":"15.0.4","new_version":"15.0.8","repository_url":"https://github.com/fuma-nama/fumadocs"},{"name":"fumadocs-ui","old_version":"16.8.11","new_version":"16.9.1","repository_url":"https://github.com/fuma-nama/fumadocs"},{"name":"@types/node","old_version":"25.8.0","new_version":"25.9.1","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"@types/react","old_version":"19.2.14","new_version":"19.2.15","repository_url":"https://github.com/DefinitelyTyped/DefinitelyTyped"},{"name":"react-email","old_version":"6.1.4","new_version":"6.3.3","repository_url":"https://github.com/resend/react-email"},{"name":"@tanstack/react-query","old_version":"5.100.10","new_version":"5.100.14","repository_url":"https://github.com/TanStack/query"},{"name":"@scalar/hono-api-reference","old_version":"0.10.14","new_version":"0.10.19","repository_url":"https://github.com/scalar/scalar"},{"name":"nodemailer","old_version":"8.0.7","new_version":"8.0.8","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"resend","old_version":"6.12.3","new_version":"6.12.4","repository_url":"https://github.com/resend/resend-node"},{"name":"dodopayments","old_version":"2.31.2","new_version":"2.32.0","repository_url":"https://github.com/dodopayments/dodopayments-typescript"},{"name":"@ai-sdk/anthropic","old_version":"3.0.77","new_version":"3.0.79","repository_url":"https://github.com/vercel/ai"},{"name":"@ai-sdk/openai","old_version":"3.0.63","new_version":"3.0.65","repository_url":"https://github.com/vercel/ai"},{"name":"@ai-sdk/react","old_version":"3.0.184","new_version":"3.0.193","repository_url":"https://github.com/vercel/ai"},{"name":"@aws-sdk/client-s3","old_version":"3.1046.0","new_version":"3.1053.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@aws-sdk/s3-request-presigner","old_version":"3.1046.0","new_version":"3.1053.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@hookform/resolvers","old_version":"5.2.2","new_version":"5.4.0","repository_url":"https://github.com/react-hook-form/resolvers"},{"name":"@shikijs/rehype","old_version":"4.0.2","new_version":"4.1.0","repository_url":"https://github.com/shikijs/shiki"},{"name":"@vitest/coverage-v8","old_version":"4.1.6","new_version":"4.1.7","repository_url":"https://github.com/vitest-dev/vitest"},{"name":"ai","old_version":"6.0.182","new_version":"6.0.191","repository_url":"https://github.com/vercel/ai"},{"name":"cookie","old_version":"0.7.2","new_version":"1.1.1","repository_url":"https://github.com/jshttp/cookie"},{"name":"date-fns","old_version":"4.1.0","new_version":"4.3.0","repository_url":"https://github.com/date-fns/date-fns"},{"name":"dotenv","old_version":"16.6.1","new_version":"17.4.2","repository_url":"https://github.com/motdotla/dotenv"},{"name":"es-toolkit","old_version":"1.46.1","new_version":"1.47.0","repository_url":"https://github.com/toss/es-toolkit"},{"name":"hono","old_version":"4.12.16","new_version":"4.12.23","repository_url":"https://github.com/honojs/hono"},{"name":"js-cookie","old_version":"3.0.5","new_version":"3.0.7","repository_url":"https://github.com/js-cookie/js-cookie"},{"name":"nanoid","old_version":"3.3.12","new_version":"5.1.11","repository_url":"https://github.com/ai/nanoid"},{"name":"openai","old_version":"6.37.0","new_version":"6.39.0","repository_url":"https://github.com/openai/openai-node"},{"name":"oxfmt","old_version":"0.49.0","new_version":"0.51.0","repository_url":"https://github.com/oxc-project/oxc"},{"name":"oxlint","old_version":"1.64.0","new_version":"1.66.0","repository_url":"https://github.com/oxc-project/oxc"},{"name":"pg","old_version":"8.20.0","new_version":"8.21.0","repository_url":"https://github.com/brianc/node-postgres"},{"name":"postcss","old_version":"8.5.14","new_version":"8.5.15","repository_url":"https://github.com/postcss/postcss"},{"name":"react-hook-form","old_version":"7.75.0","new_version":"7.76.1","repository_url":"https://github.com/react-hook-form/react-hook-form"},{"name":"tsx","old_version":"4.21.0","new_version":"4.22.3","repository_url":"https://github.com/privatenumber/tsx"},{"name":"uuid","old_version":"9.0.1","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"vitest","old_version":"4.1.6","new_version":"4.1.7","repository_url":"https://github.com/vitest-dev/vitest"}],"path":null,"ecosystem":"npm"},"body":"Bumps the production-dependencies group with 37 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [oxlint-tsgolint](https://github.com/oxc-project/tsgolint) | `0.22.1` | `0.23.0` |\n| [fumadocs-core](https://github.com/fuma-nama/fumadocs) | `16.8.11` | `16.9.1` |\n| [fumadocs-mdx](https://github.com/fuma-nama/fumadocs) | `15.0.4` | `15.0.8` |\n| [fumadocs-ui](https://github.com/fuma-nama/fumadocs) | `16.8.11` | `16.9.1` |\n| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.8.0` | `25.9.1` |\n| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.14` | `19.2.15` |\n| [react-email](https://github.com/resend/react-email/tree/HEAD/packages/react-email) | `6.1.4` | `6.3.3` |\n| [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) | `5.100.10` | `5.100.14` |\n| [@scalar/hono-api-reference](https://github.com/scalar/scalar/tree/HEAD/integrations/hono) | `0.10.14` | `0.10.19` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `8.0.7` | `8.0.8` |\n| [resend](https://github.com/resend/resend-node) | `6.12.3` | `6.12.4` |\n| [dodopayments](https://github.com/dodopayments/dodopayments-typescript) | `2.31.2` | `2.32.0` |\n| [@ai-sdk/anthropic](https://github.com/vercel/ai/tree/HEAD/packages/anthropic) | `3.0.77` | `3.0.79` |\n| [@ai-sdk/openai](https://github.com/vercel/ai/tree/HEAD/packages/openai) | `3.0.63` | `3.0.65` |\n| [@ai-sdk/react](https://github.com/vercel/ai/tree/HEAD/packages/react) | `3.0.184` | `3.0.193` |\n| [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.1046.0` | `3.1053.0` |\n| [@aws-sdk/s3-request-presigner](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/s3-request-presigner) | `3.1046.0` | `3.1053.0` |\n| [@hookform/resolvers](https://github.com/react-hook-form/resolvers) | `5.2.2` | `5.4.0` |\n| [@shikijs/rehype](https://github.com/shikijs/shiki/tree/HEAD/packages/rehype) | `4.0.2` | `4.1.0` |\n| [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.1.6` | `4.1.7` |\n| [ai](https://github.com/vercel/ai/tree/HEAD/packages/ai) | `6.0.182` | `6.0.191` |\n| [cookie](https://github.com/jshttp/cookie) | `0.7.2` | `1.1.1` |\n| [date-fns](https://github.com/date-fns/date-fns) | `4.1.0` | `4.3.0` |\n| [dotenv](https://github.com/motdotla/dotenv) | `16.6.1` | `17.4.2` |\n| [es-toolkit](https://github.com/toss/es-toolkit) | `1.46.1` | `1.47.0` |\n| [hono](https://github.com/honojs/hono) | `4.12.16` | `4.12.23` |\n| [js-cookie](https://github.com/js-cookie/js-cookie) | `3.0.5` | `3.0.7` |\n| [nanoid](https://github.com/ai/nanoid) | `3.3.12` | `5.1.11` |\n| [openai](https://github.com/openai/openai-node) | `6.37.0` | `6.39.0` |\n| [oxfmt](https://github.com/oxc-project/oxc/tree/HEAD/npm/oxfmt) | `0.49.0` | `0.51.0` |\n| [oxlint](https://github.com/oxc-project/oxc/tree/HEAD/npm/oxlint) | `1.64.0` | `1.66.0` |\n| [pg](https://github.com/brianc/node-postgres/tree/HEAD/packages/pg) | `8.20.0` | `8.21.0` |\n| [postcss](https://github.com/postcss/postcss) | `8.5.14` | `8.5.15` |\n| [react-hook-form](https://github.com/react-hook-form/react-hook-form) | `7.75.0` | `7.76.1` |\n| [tsx](https://github.com/privatenumber/tsx) | `4.21.0` | `4.22.3` |\n| [uuid](https://github.com/uuidjs/uuid) | `9.0.1` | `14.0.0` |\n| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.6` | `4.1.7` |\n\n\nUpdates `oxlint-tsgolint` from 0.22.1 to 0.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/oxc-project/tsgolint/releases\"\u003eoxlint-tsgolint's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): update crate-ci/typos action to v1.45.2 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/915\"\u003eoxc-project/tsgolint#915\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add skill for upgrading typescript-go by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/918\"\u003eoxc-project/tsgolint#918\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update pnpm to v10.33.2 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/921\"\u003eoxc-project/tsgolint#921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update typescript-go submodule by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/922\"\u003eoxc-project/tsgolint#922\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: attach tsconfig path to diagnostics by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/923\"\u003eoxc-project/tsgolint#923\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(prefer-nullish-coalescing): parenthesize mixed logical fixes by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/924\"\u003eoxc-project/tsgolint#924\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etests(return-await): cover non-async arrow functions by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/926\"\u003eoxc-project/tsgolint#926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update github.com/go-json-experiment/json digest to b6187a3 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/927\"\u003eoxc-project/tsgolint#927\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update github actions by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/928\"\u003eoxc-project/tsgolint#928\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update crate-ci/typos action to v1.46.0 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/929\"\u003eoxc-project/tsgolint#929\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update module github.com/dlclark/regexp2 to v2 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/930\"\u003eoxc-project/tsgolint#930\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update typescript-go submodule by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/931\"\u003eoxc-project/tsgolint#931\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update typescript-go digest to 48e2953 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/933\"\u003eoxc-project/tsgolint#933\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update typescript-go digest to 5eb880f by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/936\"\u003eoxc-project/tsgolint#936\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(no-misused-promises): handle empty JSX attributes by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/938\"\u003eoxc-project/tsgolint#938\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(no-unsafe-enum-comparison): flag string literal unions by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/937\"\u003eoxc-project/tsgolint#937\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update typescript-go digest to e1f8f97 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/939\"\u003eoxc-project/tsgolint#939\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update typescript-go digest to 092b34f by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/940\"\u003eoxc-project/tsgolint#940\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: configure typescript-go renovate schedule by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/941\"\u003eoxc-project/tsgolint#941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update github actions by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/945\"\u003eoxc-project/tsgolint#945\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency dprint-typescript to v0.96.0 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/947\"\u003eoxc-project/tsgolint#947\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update gomod by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/946\"\u003eoxc-project/tsgolint#946\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update crate-ci/typos action to v1.46.1 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/948\"\u003eoxc-project/tsgolint#948\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(prefer-nullish-coalescing): emit suggestion over fix by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/951\"\u003eoxc-project/tsgolint#951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update packageManager to pnpm 11.0.4 by \u003ca href=\"https://github.com/Boshen\"\u003e\u003ccode\u003e@​Boshen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/953\"\u003eoxc-project/tsgolint#953\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update typescript-go submodule by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/955\"\u003eoxc-project/tsgolint#955\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(no-nullable-type-assertion-style): use suggestion instead of fix by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/956\"\u003eoxc-project/tsgolint#956\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update Go version requirement to 1.26 in CONTRIBUTING.md. by \u003ca href=\"https://github.com/connorshea\"\u003e\u003ccode\u003e@​connorshea\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/957\"\u003eoxc-project/tsgolint#957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: allow safe promise intersection members by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/959\"\u003eoxc-project/tsgolint#959\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: switch security workflow to ubuntu-latest by \u003ca href=\"https://github.com/Boshen\"\u003e\u003ccode\u003e@​Boshen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/962\"\u003eoxc-project/tsgolint#962\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency vitest to v4.1.6 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/963\"\u003eoxc-project/tsgolint#963\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update module github.com/dlclark/regexp2/v2 to v2.0.3 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/964\"\u003eoxc-project/tsgolint#964\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency dprint-markdown to v0.22.0 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/965\"\u003eoxc-project/tsgolint#965\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update github actions by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/966\"\u003eoxc-project/tsgolint#966\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf(no-unnecessary-type-parameters): stop counting settled candidates by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/967\"\u003eoxc-project/tsgolint#967\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add \u003ccode\u003edprint\u003c/code\u003e to pnpm \u003ccode\u003eallowBuilds\u003c/code\u003e by \u003ca href=\"https://github.com/camc314\"\u003e\u003ccode\u003e@​camc314\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/pull/968\"\u003eoxc-project/tsgolint#968\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/oxc-project/tsgolint/compare/v0.22.1...v0.23.0\"\u003ehttps://github.com/oxc-project/tsgolint/compare/v0.22.1...v0.23.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/oxc-project/tsgolint/commit/0e575fae8407227601f66c1d8d8927a535aea58b\"\u003e\u003ccode\u003e0e575fa\u003c/code\u003e\u003c/a\u003e chore: add \u003ccode\u003edprint\u003c/code\u003e to pnpm \u003ccode\u003eallowBuilds\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/issues/968\"\u003e#968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/oxc-project/tsgolint/commit/bb8886bef7ae76cf3280852228a05214c54f2a83\"\u003e\u003ccode\u003ebb8886b\u003c/code\u003e\u003c/a\u003e perf(no-unnecessary-type-parameters): stop counting settled candidates (\u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/issues/967\"\u003e#967\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/oxc-project/tsgolint/commit/90be7b2609efd2bcae290b09e4835fe9ae52c63e\"\u003e\u003ccode\u003e90be7b2\u003c/code\u003e\u003c/a\u003e chore(deps): update github actions (\u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/issues/966\"\u003e#966\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/oxc-project/tsgolint/commit/cdae358c525a9a93ab48af36b51ae2a6c740830d\"\u003e\u003ccode\u003ecdae358\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency dprint-markdown to v0.22.0 (\u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/issues/965\"\u003e#965\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/oxc-project/tsgolint/commit/d356c9e3d66d0b4fbe1b7353fcf5b8f857d6ed80\"\u003e\u003ccode\u003ed356c9e\u003c/code\u003e\u003c/a\u003e chore(deps): update module github.com/dlclark/regexp2/v2 to v2.0.3 (\u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/issues/964\"\u003e#964\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/oxc-project/tsgolint/commit/7cba6be4c0d972578d14e52c7a454a0a15961727\"\u003e\u003ccode\u003e7cba6be\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency vitest to v4.1.6 (\u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/issues/963\"\u003e#963\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/oxc-project/tsgolint/commit/1dcd2a6f4138f4b9a273a231def838995ac589e5\"\u003e\u003ccode\u003e1dcd2a6\u003c/code\u003e\u003c/a\u003e ci: switch security workflow to ubuntu-latest (\u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/issues/962\"\u003e#962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/oxc-project/tsgolint/commit/b4f66246a62ea03d7cd664bf940d2f978c2068d5\"\u003e\u003ccode\u003eb4f6624\u003c/code\u003e\u003c/a\u003e fix: allow safe promise intersection members (\u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/issues/959\"\u003e#959\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/oxc-project/tsgolint/commit/233eeb35db9d698db67c4d4247963047ceb30fb7\"\u003e\u003ccode\u003e233eeb3\u003c/code\u003e\u003c/a\u003e docs: Update Go version requirement to 1.26 in CONTRIBUTING.md. (\u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/issues/957\"\u003e#957\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/oxc-project/tsgolint/commit/8bd37abc596e5dd0d54ec6625b6c2a77922b7ca4\"\u003e\u003ccode\u003e8bd37ab\u003c/code\u003e\u003c/a\u003e fix(no-nullable-type-assertion-style): use suggestion instead of fix (\u003ca href=\"https://redirect.github.com/oxc-project/tsgolint/issues/956\"\u003e#956\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/oxc-project/tsgolint/compare/v0.22.1...v0.23.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fumadocs-core` from 16.8.11 to 16.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fuma-nama/fumadocs/releases\"\u003efumadocs-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003efumadocs-core@16.9.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ee77b9b3: Introduce \u003ccode\u003epagesIndex\u003c/code\u003e property to explicitly define the index page for folder\u003c/li\u003e\n\u003cli\u003e334c8fd: [i18n] support different orders of \u003ccode\u003epreset()\u003c/code\u003e calls\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003efumadocs-core@16.8.12\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e768b676: Standardize \u003ccode\u003estructuredData\u003c/code\u003e in page data\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/4aa30828a14af31d5dc31fcccf0419159badaf39\"\u003e\u003ccode\u003e4aa3082\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3301\"\u003e#3301\u003c/a\u003e from fuma-nama/changeset-release/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/e77b9b3dea6e6071b72ab558382b046d7f78e10b\"\u003e\u003ccode\u003ee77b9b3\u003c/code\u003e\u003c/a\u003e feat(core): Introduce \u003ccode\u003epagesIndex\u003c/code\u003e property to explicitly define the index pa...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/dca5b4992926dcde9f204490a28799bb9b6f8a8c\"\u003e\u003ccode\u003edca5b49\u003c/code\u003e\u003c/a\u003e fix(mdx): fix compatibility with \u003ccode\u003e?raw\u003c/code\u003e query string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/334c8fd19014eeae36cafb38ce8794818ce95083\"\u003e\u003ccode\u003e334c8fd\u003c/code\u003e\u003c/a\u003e feat(core): support different orders of \u003ccode\u003epreset()\u003c/code\u003e calls\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/bbf936c0203869affd855293f1a44850c8b90620\"\u003e\u003ccode\u003ebbf936c\u003c/code\u003e\u003c/a\u003e docs: introduce i18n support for story\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/07a06b41a7b00c31b909adca8011217dbecdae5a\"\u003e\u003ccode\u003e07a06b4\u003c/code\u003e\u003c/a\u003e chore: use Waku for stackblitz example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/97c9ad305e8a61576b25b724e56272f7b85bee73\"\u003e\u003ccode\u003e97c9ad3\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/da4d897c8d9357d574eebdc1fa9ac92e382ad9a0\"\u003e\u003ccode\u003eda4d897\u003c/code\u003e\u003c/a\u003e fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/5a5e5c8a504f3673ee5174c347f8cf2226ce6d13\"\u003e\u003ccode\u003e5a5e5c8\u003c/code\u003e\u003c/a\u003e add separate example for demo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/e4710be8663c7f1695a30efbf6f42e8a2cbf7fec\"\u003e\u003ccode\u003ee4710be\u003c/code\u003e\u003c/a\u003e Docs: introduce new i18n API\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fuma-nama/fumadocs/compare/fumadocs-core@16.8.11...fumadocs-core@16.9.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fumadocs-mdx` from 15.0.4 to 15.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fuma-nama/fumadocs/releases\"\u003efumadocs-mdx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003efumadocs-mdx@15.0.8\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edca5b49: Fix compatibility with \u003ccode\u003e?raw\u003c/code\u003e query string\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [e77b9b3]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [334c8fd]\n\u003cul\u003e\n\u003cli\u003efumadocs-core@16.9.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003efumadocs-mdx@15.0.7\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e768b676: Standardize \u003ccode\u003estructuredData\u003c/code\u003e in page data\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [768b676]\n\u003cul\u003e\n\u003cli\u003efumadocs-core@16.8.12\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003efumadocs-mdx@15.0.6\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eda4a81a: Update vite configs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003efumadocs-mdx@15.0.5\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1fb6a61: Support custom base directory for content sources\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/4aa30828a14af31d5dc31fcccf0419159badaf39\"\u003e\u003ccode\u003e4aa3082\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3301\"\u003e#3301\u003c/a\u003e from fuma-nama/changeset-release/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/e77b9b3dea6e6071b72ab558382b046d7f78e10b\"\u003e\u003ccode\u003ee77b9b3\u003c/code\u003e\u003c/a\u003e feat(core): Introduce \u003ccode\u003epagesIndex\u003c/code\u003e property to explicitly define the index pa...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/dca5b4992926dcde9f204490a28799bb9b6f8a8c\"\u003e\u003ccode\u003edca5b49\u003c/code\u003e\u003c/a\u003e fix(mdx): fix compatibility with \u003ccode\u003e?raw\u003c/code\u003e query string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/334c8fd19014eeae36cafb38ce8794818ce95083\"\u003e\u003ccode\u003e334c8fd\u003c/code\u003e\u003c/a\u003e feat(core): support different orders of \u003ccode\u003epreset()\u003c/code\u003e calls\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/bbf936c0203869affd855293f1a44850c8b90620\"\u003e\u003ccode\u003ebbf936c\u003c/code\u003e\u003c/a\u003e docs: introduce i18n support for story\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/07a06b41a7b00c31b909adca8011217dbecdae5a\"\u003e\u003ccode\u003e07a06b4\u003c/code\u003e\u003c/a\u003e chore: use Waku for stackblitz example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/97c9ad305e8a61576b25b724e56272f7b85bee73\"\u003e\u003ccode\u003e97c9ad3\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/da4d897c8d9357d574eebdc1fa9ac92e382ad9a0\"\u003e\u003ccode\u003eda4d897\u003c/code\u003e\u003c/a\u003e fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/5a5e5c8a504f3673ee5174c347f8cf2226ce6d13\"\u003e\u003ccode\u003e5a5e5c8\u003c/code\u003e\u003c/a\u003e add separate example for demo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/e4710be8663c7f1695a30efbf6f42e8a2cbf7fec\"\u003e\u003ccode\u003ee4710be\u003c/code\u003e\u003c/a\u003e Docs: introduce new i18n API\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fuma-nama/fumadocs/compare/fumadocs-mdx@15.0.4...fumadocs-mdx@15.0.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fumadocs-ui` from 16.8.11 to 16.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fuma-nama/fumadocs/releases\"\u003efumadocs-ui's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003efumadocs-ui@16.9.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [e77b9b3]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [334c8fd]\n\u003cul\u003e\n\u003cli\u003efumadocs-core@16.9.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003efumadocs-ui@16.8.12\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [768b676]\n\u003cul\u003e\n\u003cli\u003efumadocs-core@16.8.12\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/4aa30828a14af31d5dc31fcccf0419159badaf39\"\u003e\u003ccode\u003e4aa3082\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3301\"\u003e#3301\u003c/a\u003e from fuma-nama/changeset-release/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/e77b9b3dea6e6071b72ab558382b046d7f78e10b\"\u003e\u003ccode\u003ee77b9b3\u003c/code\u003e\u003c/a\u003e feat(core): Introduce \u003ccode\u003epagesIndex\u003c/code\u003e property to explicitly define the index pa...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/dca5b4992926dcde9f204490a28799bb9b6f8a8c\"\u003e\u003ccode\u003edca5b49\u003c/code\u003e\u003c/a\u003e fix(mdx): fix compatibility with \u003ccode\u003e?raw\u003c/code\u003e query string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/334c8fd19014eeae36cafb38ce8794818ce95083\"\u003e\u003ccode\u003e334c8fd\u003c/code\u003e\u003c/a\u003e feat(core): support different orders of \u003ccode\u003epreset()\u003c/code\u003e calls\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/bbf936c0203869affd855293f1a44850c8b90620\"\u003e\u003ccode\u003ebbf936c\u003c/code\u003e\u003c/a\u003e docs: introduce i18n support for story\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/07a06b41a7b00c31b909adca8011217dbecdae5a\"\u003e\u003ccode\u003e07a06b4\u003c/code\u003e\u003c/a\u003e chore: use Waku for stackblitz example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/97c9ad305e8a61576b25b724e56272f7b85bee73\"\u003e\u003ccode\u003e97c9ad3\u003c/code\u003e\u003c/a\u003e Version Packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/da4d897c8d9357d574eebdc1fa9ac92e382ad9a0\"\u003e\u003ccode\u003eda4d897\u003c/code\u003e\u003c/a\u003e fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/5a5e5c8a504f3673ee5174c347f8cf2226ce6d13\"\u003e\u003ccode\u003e5a5e5c8\u003c/code\u003e\u003c/a\u003e add separate example for demo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/e4710be8663c7f1695a30efbf6f42e8a2cbf7fec\"\u003e\u003ccode\u003ee4710be\u003c/code\u003e\u003c/a\u003e Docs: introduce new i18n API\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fuma-nama/fumadocs/compare/fumadocs-ui@16.8.11...fumadocs-ui@16.9.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/node` from 25.8.0 to 25.9.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@types/react` from 19.2.14 to 19.2.15\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `react-email` from 6.1.4 to 6.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/resend/react-email/releases\"\u003ereact-email's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ereact-email@6.3.3\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ereact-email@6.3.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efbda5c8: increase whitespace padding to 200 characters for better Gmail preview text rendering\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ereact-email@6.3.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec610dc0: fix: padding in Container/Section failing on Klaviyo and Outlook desktop\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ereact-email@6.3.0\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ereact-email@6.2.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e192d82a: Add \u003ccode\u003etheme\u003c/code\u003e and \u003ccode\u003eutility\u003c/code\u003e props to \u003ccode\u003e\u0026lt;Tailwind\u0026gt;\u003c/code\u003e for Tailwind v4 CSS-first configuration. Both accept a CSS string and can be combined with the existing \u003ccode\u003econfig\u003c/code\u003e prop.\u003c/p\u003e\n\u003cpre lang=\"tsx\"\u003e\u003ccode\u003eimport themeCss from \u0026quot;./theme.css?inline\u0026quot;;\n\u003cp\u003e\u0026lt;Tailwind theme={themeCss}\u0026gt;\u003cbr /\u003e\n\u0026lt;div className=\u0026quot;bg-brand font-display\u0026quot;\u0026gt;Custom themed content\u0026lt;/div\u0026gt;\u003cbr /\u003e\n\u0026lt;/Tailwind\u0026gt;;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eEmpty strings are no-ops. The base Tailwind theme and utilities are still loaded — \u003ccode\u003etheme\u003c/code\u003e and \u003ccode\u003eutility\u003c/code\u003e layer on top.\u003c/p\u003e\n\u003cp\u003eThe preview server, \u003ccode\u003eemail export\u003c/code\u003e, and the caniemail compatibility check all understand the Vite-style \u003ccode\u003e?inline\u003c/code\u003e and \u003ccode\u003e?raw\u003c/code\u003e suffixes on CSS imports, so the pattern above works the same in your project and inside the preview UI. The compatibility check also extracts the \u003ccode\u003etheme\u003c/code\u003e and \u003ccode\u003eutility\u003c/code\u003e props (in addition to \u003ccode\u003econfig\u003c/code\u003e) when analyzing your template, so any caniemail incompatibilities in CSS produced by those props will surface as warnings.\u003c/p\u003e\n\u003cp\u003eInternal note: the exported \u003ccode\u003esetupTailwind\u003c/code\u003e helper now takes \u003ccode\u003e{ config, cssConfigs }\u003c/code\u003e instead of a positional \u003ccode\u003eTailwindConfig\u003c/code\u003e. Calling it with the old shape throws with a migration hint.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e06f1d05: Watch directories targeted by dynamic \u003ccode\u003eimport()\u003c/code\u003e template literals so changes to runtime-resolved files trigger preview reloads.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ereact-email@6.1.5\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1a61cb0: Avoid OOM when running \u003ccode\u003eemail export\u003c/code\u003e on projects with many templates. esbuild builds now run in batches of 10 entry points, and the render phase runs each batch of 25 templates inside a \u003ccode\u003eworker_threads\u003c/code\u003e worker so V8 isolate memory is reclaimed between batches.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/resend/react-email/blob/canary/packages/react-email/CHANGELOG.md\"\u003ereact-email's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.3.3\u003c/h2\u003e\n\u003ch2\u003e6.3.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efbda5c8: increase whitespace padding to 200 characters for better Gmail preview text rendering\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.3.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec610dc0: fix: padding in Container/Section failing on Klaviyo and Outlook desktop\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.3.0\u003c/h2\u003e\n\u003ch2\u003e6.2.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e192d82a: Add \u003ccode\u003etheme\u003c/code\u003e and \u003ccode\u003eutility\u003c/code\u003e props to \u003ccode\u003e\u0026lt;Tailwind\u0026gt;\u003c/code\u003e for Tailwind v4 CSS-first configuration. Both accept a CSS string and can be combined with the existing \u003ccode\u003econfig\u003c/code\u003e prop.\u003c/p\u003e\n\u003cpre lang=\"tsx\"\u003e\u003ccode\u003eimport themeCss from \u0026quot;./theme.css?inline\u0026quot;;\n\u003cp\u003e\u0026lt;Tailwind theme={themeCss}\u0026gt;\u003cbr /\u003e\n\u0026lt;div className=\u0026quot;bg-brand font-display\u0026quot;\u0026gt;Custom themed content\u0026lt;/div\u0026gt;\u003cbr /\u003e\n\u0026lt;/Tailwind\u0026gt;;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eEmpty strings are no-ops. The base Tailwind theme and utilities are still loaded — \u003ccode\u003etheme\u003c/code\u003e and \u003ccode\u003eutility\u003c/code\u003e layer on top.\u003c/p\u003e\n\u003cp\u003eThe preview server, \u003ccode\u003eemail export\u003c/code\u003e, and the caniemail compatibility check all understand the Vite-style \u003ccode\u003e?inline\u003c/code\u003e and \u003ccode\u003e?raw\u003c/code\u003e suffixes on CSS imports, so the pattern above works the same in your project and inside the preview UI. The compatibility check also extracts the \u003ccode\u003etheme\u003c/code\u003e and \u003ccode\u003eutility\u003c/code\u003e props (in addition to \u003ccode\u003econfig\u003c/code\u003e) when analyzing your template, so any caniemail incompatibilities in CSS produced by those props will surface as warnings.\u003c/p\u003e\n\u003cp\u003eInternal note: the exported \u003ccode\u003esetupTailwind\u003c/code\u003e helper now takes \u003ccode\u003e{ config, cssConfigs }\u003c/code\u003e instead of a positional \u003ccode\u003eTailwindConfig\u003c/code\u003e. Calling it with the old shape throws with a migration hint.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e06f1d05: Watch directories targeted by dynamic \u003ccode\u003eimport()\u003c/code\u003e template literals so changes to runtime-resolved files trigger preview reloads.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.1.5\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e1a61cb0: Avoid OOM when running \u003ccode\u003eemail export\u003c/code\u003e on projects with many templates. esbuild builds now run in batches of 10 entry points, and the render phase runs each batch of 25 templates inside a \u003ccode\u003eworker_threads\u003c/code\u003e worker so V8 isolate memory is reclaimed between batches.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/react-email/commit/a79acd1f19f4da032ad7c287d78b9ec3dcbb2da0\"\u003e\u003ccode\u003ea79acd1\u003c/code\u003e\u003c/a\u003e chore(root): version packages (\u003ca href=\"https://github.com/resend/react-email/tree/HEAD/packages/react-email/issues/3535\"\u003e#3535\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/react-email/commit/7745296a31a7d463a170c7f3f8dc3f70a69a24ae\"\u003e\u003ccode\u003e7745296\u003c/code\u003e\u003c/a\u003e chore(root): version packages (\u003ca href=\"https://github.com/resend/react-email/tree/HEAD/packages/react-email/issues/3533\"\u003e#3533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/react-email/commit/fbda5c8a2b0671e5725d29f37025c737fec7d5ef\"\u003e\u003ccode\u003efbda5c8\u003c/code\u003e\u003c/a\u003e fix(preview): increase whitespace padding to 200 chars for Gmail (\u003ca href=\"https://github.com/resend/react-email/tree/HEAD/packages/react-email/issues/3100\"\u003e#3100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/react-email/commit/f52257156d9ca7b003527108ee742e65d39dd3fd\"\u003e\u003ccode\u003ef522571\u003c/code\u003e\u003c/a\u003e chore(root): version packages (\u003ca href=\"https://github.com/resend/react-email/tree/HEAD/packages/react-email/issues/3530\"\u003e#3530\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/react-email/commit/c610dc0d5efec749d5d96ac7d578ea4b217da226\"\u003e\u003ccode\u003ec610dc0\u003c/code\u003e\u003c/a\u003e fix: padding in Container/Section failing on Klavyio and Outlook (\u003ca href=\"https://github.com/resend/react-email/tree/HEAD/packages/react-email/issues/2257\"\u003e#2257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/react-email/commit/556d7904c8461a9bc5138f15e9a20d599ef8e6db\"\u003e\u003ccode\u003e556d790\u003c/code\u003e\u003c/a\u003e chore(root): version packages (\u003ca href=\"https://github.com/resend/react-email/tree/HEAD/packages/react-email/issues/3527\"\u003e#3527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/react-email/commit/6c4af8c25e1e461b1666838cf587ee74ee29be7c\"\u003e\u003ccode\u003e6c4af8c\u003c/code\u003e\u003c/a\u003e chore(root): version packages (\u003ca href=\"https://github.com/resend/react-email/tree/HEAD/packages/react-email/issues/3522\"\u003e#3522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/react-email/commit/06f1d05faa53cf525f59409bfc0c586390328dcc\"\u003e\u003ccode\u003e06f1d05\u003c/code\u003e\u003c/a\u003e feat(react-email): hot reloading around dynamic import (\u003ca href=\"https://github.com/resend/react-email/tree/HEAD/packages/react-email/issues/3422\"\u003e#3422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/react-email/commit/192d82afd8d05ba30a0c094bff7edc0be56d3258\"\u003e\u003ccode\u003e192d82a\u003c/code\u003e\u003c/a\u003e feat(tailwind): add css configs to \u003ccode\u003eTaliwind\u003c/code\u003e component (\u003ca href=\"https://github.com/resend/react-email/tree/HEAD/packages/react-email/issues/2926\"\u003e#2926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/react-email/commit/549d95cda58f530df826c2cba033efdaea2e3b61\"\u003e\u003ccode\u003e549d95c\u003c/code\u003e\u003c/a\u003e chore(root): version packages (\u003ca href=\"https://github.com/resend/react-email/tree/HEAD/packages/react-email/issues/3519\"\u003e#3519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/resend/react-email/commits/react-email@6.3.3/packages/react-email\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tanstack/react-query` from 5.100.10 to 5.100.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TanStack/query/releases\"\u003e@​tanstack/react-query's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/ed20b6d7541c908033acfcad92b0cd112930d1c3\"\u003e\u003ccode\u003eed20b6d\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-next-experimental\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/ed20b6d7541c908033acfcad92b0cd112930d1c3\"\u003e\u003ccode\u003eed20b6d\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-persist-client\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/ed20b6d7541c908033acfcad92b0cd112930d1c3\"\u003e\u003ccode\u003eed20b6d\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-persist-client-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix(react-query): do not go into optimistic fetching state when not subscribed (\u003ca href=\"https://redirect.github.com/TanStack/query/pull/10759\"\u003e#10759\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies []:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-next-experimental\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-persist-client\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-persist-client-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TanStack/query/blob/main/packages/react-query/CHANGELOG.md\"\u003e@​tanstack/react-query's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix(react-query): do not go into optimistic fetching state when not subscribed (\u003ca href=\"https://redirect.github.com/TanStack/query/pull/10759\"\u003e#10759\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies []:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.13\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/d423168f6261a5cb3d353e53b27c8150cc271151\"\u003e\u003ccode\u003ed423168\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.12\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.12\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.11\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.11\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/TanStack/query/commits/@tanstack/react-query@5.100.14/packages/react-query\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@scalar/hono-api-reference` from 0.10.14 to 0.10.19\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/scalar/scalar/blob/main/integrations/hono/CHANGELOG.md\"\u003e@​scalar/hono-api-reference's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.10.19\u003c/h2\u003e\n\u003ch2\u003e0.10.18\u003c/h2\u003e\n\u003ch2\u003e0.10.17\u003c/h2\u003e\n\u003ch2\u003e0.10.16\u003c/h2\u003e\n\u003ch2\u003e0.10.15\u003c/h2\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/scalar/scalar/commits/HEAD/integrations/hono\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nodemailer` from 8.0.7 to 8.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/releases\"\u003enodemailer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.7...v8.0.8\"\u003e8.0.8\u003c/a\u003e (2026-05-23)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eenforce strict TLS for OAuth2 and Ethereal credential requests (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1818\"\u003e#1818\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/833d6e58c8b717962bbb1b23e16923cd267c3bc9\"\u003e833d6e5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efour listener/stream leaks in SMTP transport, connection, pool (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1817\"\u003e#1817\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/850bb91bff7707ed498c1424df01c4e5b30ea14b\"\u003e850bb91\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md\"\u003enodemailer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.7...v8.0.8\"\u003e8.0.8\u003c/a\u003e (2026-05-23)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eenforce strict TLS for OAuth2 and Ethereal credential requests (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1818\"\u003e#1818\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/833d6e58c8b717962bbb1b23e16923cd267c3bc9\"\u003e833d6e5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efour listener/stream leaks in SMTP transport, connection, pool (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1817\"\u003e#1817\u003c/a\u003e) (\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/850bb91bff7707ed498c1424df01c4e5b30ea14b\"\u003e850bb91\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/15138a84c543c20aa399218534cdbbfa2ea1ce55\"\u003e\u003ccode\u003e15138a8\u003c/code\u003e\u003c/a\u003e chore(master): release 8.0.8 (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1819\"\u003e#1819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/850bb91bff7707ed498c1424df01c4e5b30ea14b\"\u003e\u003ccode\u003e850bb91\u003c/code\u003e\u003c/a\u003e fix: four listener/stream leaks in SMTP transport, connection, pool (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1817\"\u003e#1817\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodemailer/nodemailer/commit/833d6e58c8b717962bbb1b23e16923cd267c3bc9\"\u003e\u003ccode\u003e833d6e5\u003c/code\u003e\u003c/a\u003e fix: enforce strict TLS for OAuth2 and Ethereal credential requests (\u003ca href=\"https://redirect.github.com/nodemailer/nodemailer/issues/1818\"\u003e#1818\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/nodemailer/nodemailer/compare/v8.0.7...v8.0.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `resend` from 6.12.3 to 6.12.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/resend/resend-node/releases\"\u003eresend's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.12.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(deps): update dependency next to v16.2.6 [security] by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/957\"\u003eresend/resend-node#957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(dev-660): harden github actions workflows by \u003ca href=\"https://github.com/felipefreitag\"\u003e\u003ccode\u003e@​felipefreitag\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/959\"\u003eresend/resend-node#959\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: add sync-prs-to-linear action by \u003ca href=\"https://github.com/dielduarte\"\u003e\u003ccode\u003e@​dielduarte\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/961\"\u003eresend/resend-node#961\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: rename misnamed \u003ccode\u003eget-contact.interface.ts\u003c/code\u003e to \u003ccode\u003eget-topic.interface.ts\u003c/code\u003e in topics module by \u003ca href=\"https://github.com/wesleyramalho\"\u003e\u003ccode\u003e@​wesleyramalho\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/903\"\u003eresend/resend-node#903\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: avoid mutating payloads in emails, broadcasts, and templates by \u003ca href=\"https://github.com/Shubhdeep12\"\u003e\u003ccode\u003e@​Shubhdeep12\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/862\"\u003eresend/resend-node#862\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add optional baseUrl and userAgent to Resend constructor by \u003ca href=\"https://github.com/xiaoyu2er\"\u003e\u003ccode\u003e@​xiaoyu2er\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/839\"\u003eresend/resend-node#839\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump public-shared-workflows hash by \u003ca href=\"https://github.com/dielduarte\"\u003e\u003ccode\u003e@​dielduarte\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/965\"\u003eresend/resend-node#965\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump public-shared-workflows hash by \u003ca href=\"https://github.com/dielduarte\"\u003e\u003ccode\u003e@​dielduarte\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/966\"\u003eresend/resend-node#966\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: align \u003ccode\u003edelete\u003c/code\u003e method with other HTTP methods in Resend class by \u003ca href=\"https://github.com/wesleyramalho\"\u003e\u003ccode\u003e@​wesleyramalho\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/904\"\u003eresend/resend-node#904\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: to support \u003ccode\u003e@​react-email/render\u003c/code\u003e exports across versions in templates by \u003ca href=\"https://github.com/Shubhdeep12\"\u003e\u003ccode\u003e@​Shubhdeep12\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/863\"\u003eresend/resend-node#863\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: replace svix with standardwebhooks to reduce install size (\u003ca href=\"https://redirect.github.com/resend/resend-node/issues/969\"\u003e#969\u003c/a\u003e) by \u003ca href=\"https://github.com/dielduarte\"\u003e\u003ccode\u003e@​dielduarte\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/970\"\u003eresend/resend-node#970\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 6.12.4 by \u003ca href=\"https://github.com/dielduarte\"\u003e\u003ccode\u003e@​dielduarte\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/resend/resend-node/pull/971\"\u003eresend/resend-node#971\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/resend/resend-node/compare/v6.12.3...v6.12.4\"\u003ehttps://github.com/resend/resend-node/compare/v6.12.3...v6.12.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/resend-node/commit/58db880a67575d9231bcbc5cae9c438793698f05\"\u003e\u003ccode\u003e58db880\u003c/code\u003e\u003c/a\u003e chore: bump version to 6.12.4 (\u003ca href=\"https://redirect.github.com/resend/resend-node/issues/971\"\u003e#971\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/resend-node/commit/63f5ddb8fc0d35fa590e27f7ca4d69d3051969db\"\u003e\u003ccode\u003e63f5ddb\u003c/code\u003e\u003c/a\u003e fix: replace svix with standardwebhooks to reduce install size (\u003ca href=\"https://redirect.github.com/resend/resend-node/issues/969\"\u003e#969\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/resend/resend-node/issues/970\"\u003e#970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/resend-node/commit/45dc73dae27646930d460d52de7528640ba9fb8e\"\u003e\u003ccode\u003e45dc73d\u003c/code\u003e\u003c/a\u003e fix: to support \u003ccode\u003e@​react-email/render\u003c/code\u003e exports across versions in templates (\u003ca href=\"https://redirect.github.com/resend/resend-node/issues/863\"\u003e#863\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/resend-node/commit/24950d7aa54bf19d929fe26e63557611411938cb\"\u003e\u003ccode\u003e24950d7\u003c/code\u003e\u003c/a\u003e refactor: align \u003ccode\u003edelete\u003c/code\u003e method with other HTTP methods in Resend class (\u003ca href=\"https://redirect.github.com/resend/resend-node/issues/904\"\u003e#904\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/resend-node/commit/2759316719f54e602dbf3d0b1fa58703f52b79c0\"\u003e\u003ccode\u003e2759316\u003c/code\u003e\u003c/a\u003e chore: bump public-shared-workflows hash (\u003ca href=\"https://redirect.github.com/resend/resend-node/issues/966\"\u003e#966\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/resend-node/commit/fa04efcf72a2c1d89a6530ee14ce08986a4c1a08\"\u003e\u003ccode\u003efa04efc\u003c/code\u003e\u003c/a\u003e chore: bump public-shared-workflows hash (\u003ca href=\"https://redirect.github.com/resend/resend-node/issues/965\"\u003e#965\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/resend-node/commit/77bbf2d63285a1e527fe3fc85493235a6131d084\"\u003e\u003ccode\u003e77bbf2d\u003c/code\u003e\u003c/a\u003e feat: add optional baseUrl and userAgent to Resend constructor (\u003ca href=\"https://redirect.github.com/resend/resend-node/issues/839\"\u003e#839\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/resend-node/commit/ebdb2d3f1ad3880ed81e4bb437796577e3e2ab6b\"\u003e\u003ccode\u003eebdb2d3\u003c/code\u003e\u003c/a\u003e fix: avoid mutating payloads in emails, broadcasts, and templates (\u003ca href=\"https://redirect.github.com/resend/resend-node/issues/862\"\u003e#862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/resend-node/commit/674ab1bf6c09ddc1942d317a9e2939692fd32340\"\u003e\u003ccode\u003e674ab1b\u003c/code\u003e\u003c/a\u003e fix: rename misnamed \u003ccode\u003eget-contact.interface.ts\u003c/code\u003e to \u003ccode\u003eget-topic.interface.ts\u003c/code\u003e i...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/resend/resend-node/commit/ac0c09ffc9dde924b5b147b8767c1b5e636778f6\"\u003e\u003ccode\u003eac0c09f\u003c/code\u003e\u003c/a\u003e chore: add sync-prs-to-linear action (\u003ca href=\"https://redirect.github.com/resend/resend-node/issues/961\"\u003e#961\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/resend/resend-node/compare/v6.12.3...v6.12.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~dielduarte\"\u003edielduarte\u003c/a\u003e, a new releaser for resend since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dodopayments` from 2.31.2 to 2.32.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/releases\"\u003edodopayments's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003ch2\u003e2.32.0 (2026-05-21)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/compare/v2.31.2...v2.32.0\"\u003ev2.31.2...v2.32.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e fixed a breaking modal change (\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/2ebadfd83adf32d8d27793242ddcc0c11472c30c\"\u003e2ebadfd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e stainless fixes (\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/de22d45d43fcd8111f7df9f9e32dcc41aee49799\"\u003ede22d45\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e updated openapi spec to v1.99.0 and added missing endpoints as well (\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/355bcff595128ea31846c905ca88c120e0f80d6c\"\u003e355bcff\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypescript:\u003c/strong\u003e upgrade tsc-multi so that it works with Node 26 (\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/a8a2dbeed8f84ad36f4b88b8ff96220502a98b15\"\u003ea8a2dbe\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etests:\u003c/strong\u003e remove redundant File import (\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/3713e1b86140cc3a495c9d9b09f2e6c7cffe01e5\"\u003e3713e1b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/blob/main/CHANGELOG.md\"\u003edodopayments's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.0 (2026-05-21)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/compare/v2.31.2...v2.32.0\"\u003ev2.31.2...v2.32.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e fixed a breaking modal change (\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/2ebadfd83adf32d8d27793242ddcc0c11472c30c\"\u003e2ebadfd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e stainless fixes (\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/de22d45d43fcd8111f7df9f9e32dcc41aee49799\"\u003ede22d45\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e updated openapi spec to v1.99.0 and added missing endpoints as well (\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/355bcff595128ea31846c905ca88c120e0f80d6c\"\u003e355bcff\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypescript:\u003c/strong\u003e upgrade tsc-multi so that it works with Node 26 (\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/a8a2dbeed8f84ad36f4b88b8ff96220502a98b15\"\u003ea8a2dbe\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etests:\u003c/strong\u003e remove redundant File import (\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/3713e1b86140cc3a495c9d9b09f2e6c7cffe01e5\"\u003e3713e1b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/37c566db9f2eba45426948fe19877111aff8f568\"\u003e\u003ccode\u003e37c566d\u003c/code\u003e\u003c/a\u003e release: 2.32.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/f2af7cc1fe5f4f6aef6766c1d04ccb7361730cda\"\u003e\u003ccode\u003ef2af7cc\u003c/code\u003e\u003c/a\u003e feat(api): fixed a breaking modal change\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/b97362418da21adf6606f602cc4c5f73186317a1\"\u003e\u003ccode\u003eb973624\u003c/code\u003e\u003c/a\u003e feat(api): updated openapi spec to v1.99.0 and added missing endpoints as well\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/f782c9582aec95ff95bfc9569644d0366adcf9ec\"\u003e\u003ccode\u003ef782c95\u003c/code\u003e\u003c/a\u003e fix(typescript): upgrade tsc-multi so that it works with Node 26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/d44c384b4df7e0834e02e66980bfbfcb153faef8\"\u003e\u003ccode\u003ed44c384\u003c/code\u003e\u003c/a\u003e chore(tests): remove redundant File import\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/commit/d5d7df81be4b90c00fb930d4e3379528de69a899\"\u003e\u003ccode\u003ed5d7df8\u003c/code\u003e\u003c/a\u003e feat(api): stainless fixes\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/dodopayments/dodopayments-typescript/compare/v2.31.2...v2.32.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@ai-sdk/anthropic` from 3.0.77 to 3.0.79\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/releases\"\u003e@​ai-sdk/anthropic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/anthropic\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.79\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed61a788: Handle errors from anthropic websearch tool\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/@ai-sdk/anthropic@3.0.79/packages/anthropic/CHANGELOG.md\"\u003e@​ai-sdk/anthropic's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.79\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ed61a788: Handle errors from anthropic websearch tool\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.78\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e6e28d25: fix(anthropic): propagate toModelOutput providerOption to anthropic tool results\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/7ebba33ab965b5b26f93705719d76db45089bb3c\"\u003e\u003ccode\u003e7ebba33\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/anthropic/issues/15557\"\u003e#15557\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/d61a788b8faa54b630d5672e71ddd8aecd61f72c\"\u003e\u003ccode\u003ed61a788\u003c/code\u003e\u003c/a\u003e Backport: Handle errors in anthropic's web search tool (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/anthropic/issues/15555\"\u003e#15555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/2e7664bff4294f2f5b21c30136ca24d12c4e9b5c\"\u003e\u003ccode\u003e2e7664b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/anthropic/issues/15315\"\u003e#15315\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/6e28d252ffc4032abcbe78a463807d0af90bbaa7\"\u003e\u003ccode\u003e6e28d25\u003c/code\u003e\u003c/a\u003e Backport: fix(anthropic): propagate toModelOutput providerOption to anthropic...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vercel/ai/commits/@ai-sdk/anthropic@3.0.79/packages/anthropic\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@ai-sdk/openai` from 3.0.63 to 3.0.65\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/releases\"\u003e@​ai-sdk/openai's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/openai\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.65\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eeb52378: fix(openai): skip passing reasoning items when using previous response id\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/@ai-sdk/openai@3.0.65/packages/openai/CHANGELOG.md\"\u003e@​ai-sdk/openai's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.65\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eeb52378: fix(openai): skip passing reasoning items when using previous response id\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.64\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eb7ed8bd: feat(openai): add opt-in pass-through for unsupported file media types\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1a3ec6d76fcc5333ac9b2751f3938cbe918efef2\"\u003e\u003ccode\u003e1a3ec6d\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15513\"\u003e#15513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/eb523789b342aa21742c0a06f531604782820aff\"\u003e\u003ccode\u003eeb52378\u003c/code\u003e\u003c/a\u003e Backport: fix(openai): skip passing reasoning items when using previous respo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/2e7664bff4294f2f5b21c30136ca24d12c4e9b5c\"\u003e\u003ccode\u003e2e7664b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/openai/issues/15315\"\u003e#15315\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/b7ed8bdac18d2e71b4c392f08c8d8f03204ca8f4\"\u003e\u003ccode\u003eb7ed8bd\u003c/code\u003e\u003c/a\u003e Backport: feat(openai): add opt-in pass-through for unsupported file media ty...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vercel/ai/commits/@ai-sdk/openai@3.0.65/packages/openai\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@ai-sdk/react` from 3.0.184 to 3.0.193\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/releases\"\u003e@​ai-sdk/react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.193\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.191\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.192\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.190\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.191\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [356c3cf]\n\u003cul\u003e\n\u003cli\u003eai@6.0.189\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.190\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c98715a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.188\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/@ai-sdk/react@3.0.193/packages/react/CHANGELOG.md\"\u003e@​ai-sdk/react's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.193\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.191\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.192\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.190\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.191\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [356c3cf]\n\u003cul\u003e\n\u003cli\u003eai@6.0.189\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.190\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [c98715a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.188\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.189\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.187\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.188\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.186\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.187\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.185\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.186\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [40fc5e4]\n\u003cul\u003e\n\u003cli\u003eai@6.0.184\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/0838d52fe657c4f04891b78423fbc636a543851a\"\u003e\u003ccode\u003e0838d52\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15565\"\u003e#15565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/1a3ec6d76fcc5333ac9b2751f3938cbe918efef2\"\u003e\u003ccode\u003e1a3ec6d\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15513\"\u003e#15513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/bde7d0ff4882364a94e7aeea8ff2b0a7e89effb4\"\u003e\u003ccode\u003ebde7d0f\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15494\"\u003e#15494\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/93ad540ed13863363ebc0bd5a9c574a082602d27\"\u003e\u003ccode\u003e93ad540\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15489\"\u003e#15489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/a15eda90f03049bfba99183b4fd308ca63372b86\"\u003e\u003ccode\u003ea15eda9\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15473\"\u003e#15473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/e33b836af7673d45eb90704574ffae5bdc6ba824\"\u003e\u003ccode\u003ee33b836\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15440\"\u003e#15440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/4a989451c5ef8c1b04d8a91e4e9301dc81708cfa\"\u003e\u003ccode\u003e4a98945\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15406\"\u003e#15406\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/f8d30032da41bdfd1d4c560bb6439dec8021603e\"\u003e\u003ccode\u003ef8d3003\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15356\"\u003e#15356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/2e7664bff4294f2f5b21c30136ca24d12c4e9b5c\"\u003e\u003ccode\u003e2e7664b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15315\"\u003e#15315\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/vercel/ai/commits/@ai-sdk/react@3.0.193/packages/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@aws-sdk/client-s3` from 3.1046.0 to 3.1053.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/releases\"\u003e@​aws-sdk/client-s3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1053.0\u003c/h2\u003e\n\u003ch4\u003e3.1053.0(2026-05-22)\u003c/h4\u003e\n\u003ch5\u003eDocumentation Changes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-gameliftstreams:\u003c/strong\u003e  Added new Gen6 stream classes based on the EC2 G6e instance family. These classes are designed for streaming high-fidelity, graphically demanding games and applications that benefit from additional GPU memory and performance. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/bf88fa508bf74c7120202668d66b1657601e0d32\"\u003ebf88fa50\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  update client endpoints as of 2026-05-22 (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/3518814ad7011517e95ba077b4d60b64834dc0f5\"\u003e3518814a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-appconfig:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e757a91539c7e5633896a6165098a1802de3255c\"\u003ee757a915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-repostspace:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/15fec74b7b20e186a9eb70d593819dfa73b7f782\"\u003e15fec74b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ivs-realtime:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/adeea78b85eb00bed1a973b7344ecddbd89345f0\"\u003eadeea78b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-cloudcontrol:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/2e7ef3bf7a1497a06a0ae1cbdfaa6bfa68b6ffe4\"\u003e2e7ef3bf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-tnb:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/f07457cbe17f8f1621475ba0c585363e36aef9d7\"\u003ef07457cb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sso-oidc:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/2e909d25a859634f57fd2cdcd20a760c36bfc42b\"\u003e2e909d25\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-s3vectors:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4071f1a4d21610fb883f2af611b3d69d2922cd5f\"\u003e4071f1a4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-internetmonitor:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/117e04a99f7c58f946947e77b0bc75f87998198e\"\u003e117e04a9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-freetier:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e3cf14a2f64239d4b7c4160fd8c5b95672deb9b6\"\u003ee3cf14a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-oam:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5a30b72248e4f26b10173b2f64c7892d1b963eaa\"\u003e5a30b722\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-forecastquery:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/ada5ae322c6b5eb88ba194b1d8715b5d699de1ce\"\u003eada5ae32\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-customer-profiles:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9de89c10330b5641dc0427653815f8131209edca\"\u003e9de89c10\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-migration-hub-refactor-spaces:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/a4e5e7ba8ec707c4bbdf27a7e38425cb9652861c\"\u003ea4e5e7ba\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-controltower:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/b99b7a1820b90840d18c8b39edc9a4d10afdf553\"\u003eb99b7a18\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-databrew:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/4a1bcdb9123163d275247b25f02845097260fb51\"\u003e4a1bcdb9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-b2bi:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/66bb63d12d590f6e191714b9263affccf478f3b2\"\u003e66bb63d1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-simspaceweaver:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c6617b6d847a27bc7e32bef03c10fb04b227e21f\"\u003ec6617b6d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-emr-containers:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e99cccbde15f31ac18b780138c8f880600e7e516\"\u003ee99cccbd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bcm-recommended-actions:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/45477f0838686bbbd69ad1afbd6b3b7ecda1a1c3\"\u003e45477f08\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-forecast:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/5964d82b99f5dd46a92341f85053db135c0d23fc\"\u003e5964d82b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-neptunedata:\u003c/strong\u003e  Adding new BDD representation of endpoint ruleset (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/418745d5411b2ff30ffb2c8472d4301f485a71a6\"\u003e418745d5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-qconnect:\u003c/strong\u003e  Added guardrail assessment results to inference spans in the ListSpans API. You can now see which AI Guardrail policies were evaluated, whether content was blocked or masked, and per-policy details for each Bedrock Converse call (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0213a8624e82ca946be41fe8833d460e709d2d2a\"\u003e0213a862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bcm-pricing-calculator:\u003c/strong\u003e  Adding new BDD representation of e...\n\n_Description has been truncated_","html_url":"https://github.com/JulioCout/safe-balance/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/JulioCout%2Fsafe-balance/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"}},{"old_version":"1.0.2","new_version":"1.1.1","update_type":"minor","path":null,"pr_created_at":"2026-05-25T19:32:28.000Z","version_change":"1.0.2 → 1.1.1","issue":{"uuid":"4519122795","node_id":"PR_kwDOQXGLpc7fJl1C","number":21,"state":"open","title":"chore(deps)(deps): bump the production-minor-and-patch group across 1 directory with 30 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T19:32:28.000Z","updated_at":"2026-05-25T19:33:41.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)(deps): bump","group_name":"production-minor-and-patch","update_count":30,"packages":[{"name":"@hookform/resolvers","old_version":"5.2.2","new_version":"5.4.0","repository_url":"https://github.com/react-hook-form/resolvers"},{"name":"@sentry/node","old_version":"10.27.0","new_version":"10.53.1","repository_url":"https://github.com/getsentry/sentry-javascript"},{"name":"@supabase/supabase-js","old_version":"2.81.1","new_version":"2.106.2","repository_url":"https://github.com/supabase/supabase-js"},{"name":"@tanstack/react-query","old_version":"5.90.10","new_version":"5.100.14","repository_url":"https://github.com/TanStack/query"},{"name":"@trpc/client","old_version":"11.7.1","new_version":"11.17.0","repository_url":"https://github.com/trpc/trpc"},{"name":"@trpc/react-query","old_version":"11.7.1","new_version":"11.17.0","repository_url":"https://github.com/trpc/trpc"},{"name":"@trpc/server","old_version":"11.12.0","new_version":"11.17.0","repository_url":"https://github.com/trpc/trpc"},{"name":"axios","old_version":"1.13.6","new_version":"1.16.1","repository_url":"https://github.com/axios/axios"},{"name":"cookie","old_version":"1.0.2","new_version":"1.1.1","repository_url":"https://github.com/jshttp/cookie"},{"name":"cron","old_version":"4.3.4","new_version":"4.4.0","repository_url":"https://github.com/kelektiv/node-cron"},{"name":"date-fns","old_version":"4.1.0","new_version":"4.3.0","repository_url":"https://github.com/date-fns/date-fns"},{"name":"dotenv","old_version":"17.2.3","new_version":"17.4.2","repository_url":"https://github.com/motdotla/dotenv"},{"name":"drizzle-orm","old_version":"0.44.7","new_version":"0.45.2","repository_url":"https://github.com/drizzle-team/drizzle-orm"},{"name":"ethers","old_version":"6.15.0","new_version":"6.16.0","repository_url":"https://github.com/ethers-io/ethers.js"},{"name":"express-rate-limit","old_version":"8.3.1","new_version":"8.5.2","repository_url":"https://github.com/express-rate-limit/express-rate-limit"},{"name":"framer-motion","old_version":"12.23.24","new_version":"12.40.0","repository_url":"https://github.com/motiondivision/motion"},{"name":"helmet","old_version":"8.1.0","new_version":"8.2.0","repository_url":"https://github.com/helmetjs/helmet"},{"name":"i18next-browser-languagedetector","old_version":"8.2.0","new_version":"8.2.1","repository_url":"https://github.com/i18next/i18next-browser-languageDetector"},{"name":"jose","old_version":"6.1.0","new_version":"6.2.3","repository_url":"https://github.com/panva/jose"},{"name":"nanoid","old_version":"5.1.6","new_version":"5.1.11","repository_url":"https://github.com/ai/nanoid"},{"name":"pg","old_version":"8.16.3","new_version":"8.21.0","repository_url":"https://github.com/brianc/node-postgres"},{"name":"postgres","old_version":"3.4.7","new_version":"3.4.9","repository_url":"https://github.com/porsager/postgres"},{"name":"react","old_version":"19.2.0","new_version":"19.2.6","repository_url":"https://github.com/facebook/react"},{"name":"react-dom","old_version":"19.2.0","new_version":"19.2.6","repository_url":"https://github.com/facebook/react"},{"name":"react-hook-form","old_version":"7.66.0","new_version":"7.76.1","repository_url":"https://github.com/react-hook-form/react-hook-form"},{"name":"redis","old_version":"5.10.0","new_version":"5.12.1","repository_url":"https://github.com/redis/node-redis"},{"name":"tailwind-merge","old_version":"3.4.0","new_version":"3.6.0","repository_url":"https://github.com/dcastil/tailwind-merge"},{"name":"wouter","old_version":"3.7.1","new_version":"3.10.0","repository_url":"https://github.com/molefrog/wouter"},{"name":"zod","old_version":"4.1.12","new_version":"4.4.3","repository_url":"https://github.com/colinhacks/zod"}],"path":null,"ecosystem":"npm"},"body":"Bumps the production-minor-and-patch group with 29 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@hookform/resolvers](https://github.com/react-hook-form/resolvers) | `5.2.2` | `5.4.0` |\n| [@sentry/node](https://github.com/getsentry/sentry-javascript) | `10.27.0` | `10.53.1` |\n| [@supabase/supabase-js](https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js) | `2.81.1` | `2.106.2` |\n| [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) | `5.90.10` | `5.100.14` |\n| [@trpc/client](https://github.com/trpc/trpc/tree/HEAD/packages/client) | `11.7.1` | `11.17.0` |\n| [@trpc/react-query](https://github.com/trpc/trpc/tree/HEAD/packages/react) | `11.7.1` | `11.17.0` |\n| [@trpc/server](https://github.com/trpc/trpc/tree/HEAD/packages/server) | `11.12.0` | `11.17.0` |\n| [axios](https://github.com/axios/axios) | `1.13.6` | `1.16.1` |\n| [cookie](https://github.com/jshttp/cookie) | `1.0.2` | `1.1.1` |\n| [cron](https://github.com/kelektiv/node-cron) | `4.3.4` | `4.4.0` |\n| [date-fns](https://github.com/date-fns/date-fns) | `4.1.0` | `4.3.0` |\n| [dotenv](https://github.com/motdotla/dotenv) | `17.2.3` | `17.4.2` |\n| [drizzle-orm](https://github.com/drizzle-team/drizzle-orm) | `0.44.7` | `0.45.2` |\n| [ethers](https://github.com/ethers-io/ethers.js) | `6.15.0` | `6.16.0` |\n| [express-rate-limit](https://github.com/express-rate-limit/express-rate-limit) | `8.3.1` | `8.5.2` |\n| [framer-motion](https://github.com/motiondivision/motion) | `12.23.24` | `12.40.0` |\n| [helmet](https://github.com/helmetjs/helmet) | `8.1.0` | `8.2.0` |\n| [i18next-browser-languagedetector](https://github.com/i18next/i18next-browser-languageDetector) | `8.2.0` | `8.2.1` |\n| [jose](https://github.com/panva/jose) | `6.1.0` | `6.2.3` |\n| [nanoid](https://github.com/ai/nanoid) | `5.1.6` | `5.1.11` |\n| [pg](https://github.com/brianc/node-postgres/tree/HEAD/packages/pg) | `8.16.3` | `8.21.0` |\n| [postgres](https://github.com/porsager/postgres) | `3.4.7` | `3.4.9` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.0` | `19.2.6` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.0` | `19.2.6` |\n| [react-hook-form](https://github.com/react-hook-form/react-hook-form) | `7.66.0` | `7.76.1` |\n| [redis](https://github.com/redis/node-redis) | `5.10.0` | `5.12.1` |\n| [tailwind-merge](https://github.com/dcastil/tailwind-merge) | `3.4.0` | `3.6.0` |\n| [wouter](https://github.com/molefrog/wouter) | `3.7.1` | `3.10.0` |\n| [zod](https://github.com/colinhacks/zod) | `4.1.12` | `4.4.3` |\n\n\nUpdates `@hookform/resolvers` from 5.2.2 to 5.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/react-hook-form/resolvers/releases\"\u003e@​hookform/resolvers's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.4.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/compare/v5.3.0...v5.4.0\"\u003e5.4.0\u003c/a\u003e (2026-05-21)\u003c/h1\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add ata-validator resolver (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/845\"\u003e#845\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix issue with toNestErrors.ts (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/848\"\u003e#848\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli\u003eadd guidance on passing context to \u003ccode\u003eyupResolver\u003c/code\u003e (useForm context) (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/835\"\u003e#835\u003c/a\u003e)  (\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/3d2992472adf5735b46b175e22bea82fddf13854\"\u003e3d29924\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/3d2992472adf5735b46b175e22bea82fddf13854\"\u003e\u003ccode\u003e3d29924\u003c/code\u003e\u003c/a\u003e feat: add guidance on passing context to \u003ccode\u003eyupResolver\u003c/code\u003e (useForm context) (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/835\"\u003e#835\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/56b68f3798612601190a533887847d8fef2c94af\"\u003e\u003ccode\u003e56b68f3\u003c/code\u003e\u003c/a\u003e feat: 5.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/cf8562d88ce3a1658676b2ef996347f29e05b3ee\"\u003e\u003ccode\u003ecf8562d\u003c/code\u003e\u003c/a\u003e update readme on ata-validator\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/5e5b6103692fa599ddacca39a03bf707e73a5012\"\u003e\u003ccode\u003e5e5b610\u003c/code\u003e\u003c/a\u003e fix issue with toNestErrors.ts (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/848\"\u003e#848\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/72aacf8604d697a29a1859f8bffccf18adb86add\"\u003e\u003ccode\u003e72aacf8\u003c/code\u003e\u003c/a\u003e Revise supported versions in SECURITY.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/ad89a20d869f2dc21b905168c5578b3522c01b64\"\u003e\u003ccode\u003ead89a20\u003c/code\u003e\u003c/a\u003e feat: add ata-validator resolver (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/845\"\u003e#845\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/02286db88310fd23e1de61ad880c23e210801813\"\u003e\u003ccode\u003e02286db\u003c/code\u003e\u003c/a\u003e ci: updated publish workflow to use node 24 (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/838\"\u003e#838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/react-hook-form/resolvers/commit/2e9bc7c7d02506d336e20d8c0bae0c479f3662ec\"\u003e\u003ccode\u003e2e9bc7c\u003c/code\u003e\u003c/a\u003e Fix(zodResolver): error paths in complex unions \u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/787\"\u003e#787\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/react-hook-form/resolvers/issues/819\"\u003e#819\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/react-hook-form/resolvers/compare/v5.2.2...v5.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@sentry/node` from 10.27.0 to 10.53.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/getsentry/sentry-javascript/releases\"\u003e@​sentry/node's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.53.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(core): Don't gate user data for streamed spans at scope read time (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20827\"\u003e#20827\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(core): Include subpath type shims in published package (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20835\"\u003e#20835\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eref(hono): Consolidate route patching and add clarification comments (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20829\"\u003e#20829\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): Bump next from 15.5.15 to 15.5.18 in /dev-packages/e2e-tests/test-applications/nextjs-15-intl (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20821\"\u003e#20821\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eBundle size 📦\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003ePath\u003c/th\u003e\n\u003cth\u003eSize\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e\u003c/td\u003e\n\u003ctd\u003e26.22 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e - with treeshaking flags\u003c/td\u003e\n\u003ctd\u003e24.69 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. Tracing)\u003c/td\u003e\n\u003ctd\u003e43.69 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. Tracing + Span Streaming)\u003c/td\u003e\n\u003ctd\u003e45.62 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. Tracing, Profiling)\u003c/td\u003e\n\u003ctd\u003e48.56 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. Tracing, Replay)\u003c/td\u003e\n\u003ctd\u003e82.4 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. Tracing, Replay) - with treeshaking flags\u003c/td\u003e\n\u003ctd\u003e72.08 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. Tracing, Replay with Canvas)\u003c/td\u003e\n\u003ctd\u003e86.99 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. Tracing, Replay, Feedback)\u003c/td\u003e\n\u003ctd\u003e99.33 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. Feedback)\u003c/td\u003e\n\u003ctd\u003e43 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. sendFeedback)\u003c/td\u003e\n\u003ctd\u003e30.92 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. FeedbackAsync)\u003c/td\u003e\n\u003ctd\u003e35.91 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. Metrics)\u003c/td\u003e\n\u003ctd\u003e27.27 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. Logs)\u003c/td\u003e\n\u003ctd\u003e27.42 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/browser\u003c/code\u003e (incl. Metrics \u0026amp; Logs)\u003c/td\u003e\n\u003ctd\u003e28.08 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/react\u003c/code\u003e\u003c/td\u003e\n\u003ctd\u003e27.92 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/react\u003c/code\u003e (incl. Tracing)\u003c/td\u003e\n\u003ctd\u003e45.9 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/vue\u003c/code\u003e\u003c/td\u003e\n\u003ctd\u003e31.01 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/vue\u003c/code\u003e (incl. Tracing)\u003c/td\u003e\n\u003ctd\u003e45.5 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ccode\u003e@​sentry/svelte\u003c/code\u003e\u003c/td\u003e\n\u003ctd\u003e26.24 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle\u003c/td\u003e\n\u003ctd\u003e28.55 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Tracing)\u003c/td\u003e\n\u003ctd\u003e46.04 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Logs, Metrics)\u003c/td\u003e\n\u003ctd\u003e29.89 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Tracing, Logs, Metrics)\u003c/td\u003e\n\u003ctd\u003e47.14 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Replay, Logs, Metrics)\u003c/td\u003e\n\u003ctd\u003e68.3 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Tracing, Replay)\u003c/td\u003e\n\u003ctd\u003e82.55 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Tracing, Replay, Logs, Metrics)\u003c/td\u003e\n\u003ctd\u003e83.6 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Tracing, Replay, Feedback)\u003c/td\u003e\n\u003ctd\u003e88.23 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Tracing, Replay, Feedback, Logs, Metrics)\u003c/td\u003e\n\u003ctd\u003e89.3 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle - uncompressed\u003c/td\u003e\n\u003ctd\u003e83.97 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Tracing) - uncompressed\u003c/td\u003e\n\u003ctd\u003e138.12 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Logs, Metrics) - uncompressed\u003c/td\u003e\n\u003ctd\u003e88.07 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Tracing, Logs, Metrics) - uncompressed\u003c/td\u003e\n\u003ctd\u003e141.5 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003eCDN Bundle (incl. Replay, Logs, Metrics) - uncompressed\u003c/td\u003e\n\u003ctd\u003e209.97 KB\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md\"\u003e@​sentry/node's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.53.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(core): Don't gate user data for streamed spans at scope read time (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20827\"\u003e#20827\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(core): Include subpath type shims in published package (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20835\"\u003e#20835\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eref(hono): Consolidate route patching and add clarification comments (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20829\"\u003e#20829\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): Bump next from 15.5.15 to 15.5.18 in /dev-packages/e2e-tests/test-applications/nextjs-15-intl (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20821\"\u003e#20821\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e10.53.0\u003c/h2\u003e\n\u003ch3\u003eImportant Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003efeat(core): Add \u003ccode\u003estreamGenAiSpans\u003c/code\u003e options to stream gen_ai spans (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20785\"\u003e#20785\u003c/a\u003e)\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eAdds a new \u003ccode\u003estreamGenAiSpans\u003c/code\u003e option that controls how \u003ccode\u003egen_ai\u003c/code\u003e spans are\nsent to Sentry. When set, the SDK extracts all \u003ccode\u003egen_ai\u003c/code\u003e spans out of a\ntransaction and sends them as v2 envelope items.\u003c/p\u003e\n\u003cp\u003eEnable this option if gen_ai spans are being dropped because the transaction payload exceeds size limits.\u003c/p\u003e\n\u003cpre lang=\"ts\"\u003e\u003ccode\u003eSentry.init({\n  dsn: 'https://examplePublicKey@o0.ingest.sentry.io/0',\n  streamGenAiSpans: true,\n});\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat(browser): Migrate browser profiling thread data to span attributes (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20800\"\u003e#20800\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(core): Add \u003ccode\u003eaddConsoleInstrumentationFilter\u003c/code\u003e utility (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20790\"\u003e#20790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(core): Add \u003ccode\u003eapplicationKey\u003c/code\u003e to \u003ccode\u003eBuildTimeOptionsBase\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20789\"\u003e#20789\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(core): split exports by browser/server for bundle size (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20435\"\u003e#20435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(nextjs): Add top-level \u003ccode\u003eapplicationKey\u003c/code\u003e option (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20794\"\u003e#20794\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(node): Support Node 26 (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20710\"\u003e#20710\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(profiling-node): Bump \u003ccode\u003e@sentry-internal/node-cpu-profiler\u003c/code\u003e to 2.4.0 (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20720\"\u003e#20720\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(cloudflare): avoid flush lock self-wait (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20719\"\u003e#20719\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(hono): Capture transaction name on request for correct culprit (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20801\"\u003e#20801\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(mcp): retroactively wrap handlers registered before wrapMcpServerWithSentry (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20699\"\u003e#20699\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(node-core): Guard against undefined util.getSystemErrorMap (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20660\"\u003e#20660\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix(replay): Capture aborted/errored fetch requests in replay network tab (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/pull/20722\"\u003e#20722\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/cd9740818cba748dbced0e8a1497000a88ec8a56\"\u003e\u003ccode\u003ecd97408\u003c/code\u003e\u003c/a\u003e release: 10.53.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/66cfb25117ed7b14ca3da20a79b836619e9c8a6c\"\u003e\u003ccode\u003e66cfb25\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/20838\"\u003e#20838\u003c/a\u003e from getsentry/prepare-release/10.53.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/df8fd3863043f143961a5d96e79a717d62eada31\"\u003e\u003ccode\u003edf8fd38\u003c/code\u003e\u003c/a\u003e meta(changelog): Update changelog for 10.53.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/588100986580e0f5c8c3204661e59e5103e7d269\"\u003e\u003ccode\u003e5881009\u003c/code\u003e\u003c/a\u003e fix(core): Include subpath type shims in published package (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/20835\"\u003e#20835\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/6a7d179ad38c7591021c88e4bd3ec82b3c6cc606\"\u003e\u003ccode\u003e6a7d179\u003c/code\u003e\u003c/a\u003e fix(core): Don't gate user data for streamed spans at scope read time (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/20827\"\u003e#20827\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/ad47c3c3de5b2bacfbbd08bcdf9cd90184ce64bc\"\u003e\u003ccode\u003ead47c3c\u003c/code\u003e\u003c/a\u003e ref(hono): Consolidate route patching and add clarification comments (\u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/20829\"\u003e#20829\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/28d6fe514d5ed00561a8e3d1c0406a8cb544c738\"\u003e\u003ccode\u003e28d6fe5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/getsentry/sentry-javascript/issues/20826\"\u003e#20826\u003c/a\u003e from getsentry/master\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/46aca45a868d717939448ded1001fac4337ac46e\"\u003e\u003ccode\u003e46aca45\u003c/code\u003e\u003c/a\u003e Merge branch 'release/10.53.0'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/b5cbc9ca1800e1b4ee1de66e135a90891cecd570\"\u003e\u003ccode\u003eb5cbc9c\u003c/code\u003e\u003c/a\u003e chore(deps): Bump next from 15.5.15 to 15.5.18 in /dev-packages/e2e-tests/tes...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/getsentry/sentry-javascript/commit/05489b83e7920fc4ce47a530054c5558c1704a45\"\u003e\u003ccode\u003e05489b8\u003c/code\u003e\u003c/a\u003e release: 10.53.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/getsentry/sentry-javascript/compare/10.27.0...10.53.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@supabase/supabase-js` from 2.81.1 to 2.106.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/supabase/supabase-js/releases\"\u003e@​supabase/supabase-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.106.2\u003c/h2\u003e\n\u003ch2\u003e2.106.2 (2026-05-25)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eauth:\u003c/strong\u003e restore signup user response (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2391\"\u003e#2391\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisc:\u003c/strong\u003e add react-native export condition for Hermes-safe resolution (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2393\"\u003e#2393\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMyroslav Hryhschenko \u003ca href=\"https://github.com/BLOCKMATERIAL\"\u003e\u003ccode\u003e@​BLOCKMATERIAL\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eVaibhav \u003ca href=\"https://github.com/7ttp\"\u003e\u003ccode\u003e@​7ttp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.106.2-canary.1\u003c/h2\u003e\n\u003ch2\u003e2.106.2-canary.1 (2026-05-22)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only, there were no code changes.\u003c/p\u003e\n\u003ch2\u003ev2.106.2-canary.0\u003c/h2\u003e\n\u003ch2\u003e2.106.2-canary.0 (2026-05-22)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eauth:\u003c/strong\u003e restore signup user response (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2391\"\u003e#2391\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisc:\u003c/strong\u003e add react-native export condition for Hermes-safe resolution (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2393\"\u003e#2393\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMyroslav Hryhschenko \u003ca href=\"https://github.com/BLOCKMATERIAL\"\u003e\u003ccode\u003e@​BLOCKMATERIAL\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eVaibhav \u003ca href=\"https://github.com/7ttp\"\u003e\u003ccode\u003e@​7ttp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.106.2-beta.2\u003c/h2\u003e\n\u003ch2\u003e2.106.2-beta.2 (2026-05-22)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only, there were no code changes.\u003c/p\u003e\n\u003ch2\u003ev2.106.2-beta.0\u003c/h2\u003e\n\u003ch2\u003e2.106.2-beta.0 (2026-05-21)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only, there were no code changes.\u003c/p\u003e\n\u003ch2\u003ev2.106.1\u003c/h2\u003e\n\u003ch2\u003e2.106.1 (2026-05-20)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eauth:\u003c/strong\u003e encode client-id in oauth requests (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2383\"\u003e#2383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisc:\u003c/strong\u003e hide dynamic import from hermesc (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2381\"\u003e#2381\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/supabase/supabase-js/blob/master/packages/core/supabase-js/CHANGELOG.md\"\u003e@​supabase/supabase-js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.106.2 (2026-05-25)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003emisc:\u003c/strong\u003e add react-native export condition for Hermes-safe resolution (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2393\"\u003e#2393\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMyroslav Hryhschenko \u003ca href=\"https://github.com/BLOCKMATERIAL\"\u003e\u003ccode\u003e@​BLOCKMATERIAL\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.106.1 (2026-05-20)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003emisc:\u003c/strong\u003e hide dynamic import from hermesc (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2381\"\u003e#2381\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKaterina Skroumpelou \u003ca href=\"https://github.com/mandarini\"\u003e\u003ccode\u003e@​mandarini\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.106.0 (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esupabase:\u003c/strong\u003e W3C/OpenTelemetry trace context propagation (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2163\"\u003e#2163\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erelease:\u003c/strong\u003e mark \u003ccode\u003e@​supabase/tracing\u003c/code\u003e private and snapshot it for JSR (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2370\"\u003e#2370\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eClaude Sonnet 4.5\u003c/li\u003e\n\u003cli\u003eGuilherme Souza\u003c/li\u003e\n\u003cli\u003eKaterina Skroumpelou \u003ca href=\"https://github.com/mandarini\"\u003e\u003ccode\u003e@​mandarini\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.105.4 (2026-05-08)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for \u003ccode\u003e@​supabase/supabase-js\u003c/code\u003e to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003ch2\u003e2.105.2 (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eauth:\u003c/strong\u003e forward lockAcquireTimeout to SupabaseAuthClient (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2309\"\u003e#2309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisc:\u003c/strong\u003e widen enum-like unions with (string \u0026amp; {}) for forward compat (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2303\"\u003e#2303\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMuzzaiyyan Hussain \u003ca href=\"https://github.com/MuzzaiyyanHussain\"\u003e\u003ccode\u003e@​MuzzaiyyanHussain\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/a5f09cf9a0a8c2744464a8505333ab3136e3f290\"\u003e\u003ccode\u003ea5f09cf\u003c/code\u003e\u003c/a\u003e chore(repo): adopt pnpm catalog and clean up devDeps (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2389\"\u003e#2389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/c72cc5608764b8d15f58e6ce8cfc6867ebead1be\"\u003e\u003ccode\u003ec72cc56\u003c/code\u003e\u003c/a\u003e fix(misc): add react-native export condition for Hermes-safe resolution (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2393\"\u003e#2393\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/a7bdb236041d5a3061be856fd9e00b45d9b62f54\"\u003e\u003ccode\u003ea7bdb23\u003c/code\u003e\u003c/a\u003e docs(supabase): expand tracePropagation tsdoc with examples (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2388\"\u003e#2388\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/f4c149c70f0f2c4203edf47fb173cb135c59b2be\"\u003e\u003ccode\u003ef4c149c\u003c/code\u003e\u003c/a\u003e chore(release): version 2.106.1 changelogs (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2384\"\u003e#2384\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/3f9628af627804fbfb1a7fc7a2b5f929856a1b52\"\u003e\u003ccode\u003e3f9628a\u003c/code\u003e\u003c/a\u003e fix(misc): hide dynamic import from hermesc (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2381\"\u003e#2381\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/1761a621ebcd40f7bbbf4bb95d7bf4e256b250c0\"\u003e\u003ccode\u003e1761a62\u003c/code\u003e\u003c/a\u003e chore(release): version 2.106.0 changelogs (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2379\"\u003e#2379\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/1c48755657c5f7aac5e4a7abf3f68f27efc0c746\"\u003e\u003ccode\u003e1c48755\u003c/code\u003e\u003c/a\u003e chore(deps): cleanups and updates (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2371\"\u003e#2371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/9dfba1c3d98c2c41c60f940a211950dfd3924e01\"\u003e\u003ccode\u003e9dfba1c\u003c/code\u003e\u003c/a\u003e chore(repo): migrate to pnpm (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2368\"\u003e#2368\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/6731c4a900135ecbb14420bb3f3fe39196a0a9db\"\u003e\u003ccode\u003e6731c4a\u003c/code\u003e\u003c/a\u003e fix(release): mark \u003ccode\u003e@​supabase/tracing\u003c/code\u003e private and snapshot it for JSR (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2370\"\u003e#2370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/2fe1801fd5e9e03dd22308bcb98854429f634dd4\"\u003e\u003ccode\u003e2fe1801\u003c/code\u003e\u003c/a\u003e feat(supabase): W3C/OpenTelemetry trace context propagation (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2163\"\u003e#2163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/supabase/supabase-js/commits/v2.106.2/packages/core/supabase-js\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@tanstack/react-query` from 5.90.10 to 5.100.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TanStack/query/releases\"\u003e@​tanstack/react-query's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/ed20b6d7541c908033acfcad92b0cd112930d1c3\"\u003e\u003ccode\u003eed20b6d\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-next-experimental\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/ed20b6d7541c908033acfcad92b0cd112930d1c3\"\u003e\u003ccode\u003eed20b6d\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-persist-client\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/ed20b6d7541c908033acfcad92b0cd112930d1c3\"\u003e\u003ccode\u003eed20b6d\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-persist-client-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix(react-query): do not go into optimistic fetching state when not subscribed (\u003ca href=\"https://redirect.github.com/TanStack/query/pull/10759\"\u003e#10759\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies []:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-devtools\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-next-experimental\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query-persist-client\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-persist-client-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​tanstack/react-query\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/TanStack/query/blob/main/packages/react-query/CHANGELOG.md\"\u003e@​tanstack/react-query's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.100.14\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix(react-query): do not go into optimistic fetching state when not subscribed (\u003ca href=\"https://redirect.github.com/TanStack/query/pull/10759\"\u003e#10759\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated dependencies []:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.14\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.13\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/d423168f6261a5cb3d353e53b27c8150cc271151\"\u003e\u003ccode\u003ed423168\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.13\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.12\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.12\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.11\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.11\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.10\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.10\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.9\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [\u003ca href=\"https://github.com/TanStack/query/commit/fcee7bdc429385ae8ffa224fa8a7a9ec7b8ee380\"\u003e\u003ccode\u003efcee7bd\u003c/code\u003e\u003c/a\u003e]:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.9\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.100.8\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies []:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​tanstack/query-core\u003c/code\u003e\u003ca href=\"https://github.com/5\"\u003e\u003ccode\u003e@​5\u003c/code\u003e\u003c/a\u003e.100.8\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/ba6e7beebd50143408f01fcf5d9aee2ec1486f60\"\u003e\u003ccode\u003eba6e7be\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10767\"\u003e#10767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/ed20b6d7541c908033acfcad92b0cd112930d1c3\"\u003e\u003ccode\u003eed20b6d\u003c/code\u003e\u003c/a\u003e fix(react): do not go into optimistic fetching state when not subscribed (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10\"\u003e#10\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/05cf2bc0a4eae64959dc8a40152e2878190c971b\"\u003e\u003ccode\u003e05cf2bc\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10758\"\u003e#10758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/d423168f6261a5cb3d353e53b27c8150cc271151\"\u003e\u003ccode\u003ed423168\u003c/code\u003e\u003c/a\u003e fix(query-core): use built-in NoInfer for generic indexed-access types (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10593\"\u003e#10593\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/5ff4f6936bb66a64267eb4413430f956eecf7248\"\u003e\u003ccode\u003e5ff4f69\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10755\"\u003e#10755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/3e85350749751eef055fffb65f6838dfafa74891\"\u003e\u003ccode\u003e3e85350\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10706\"\u003e#10706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/9d2692cec4d538c2f96489027ba546f11638dfb1\"\u003e\u003ccode\u003e9d2692c\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10695\"\u003e#10695\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/74fa05eb1b16f40ea7068afd0e5e082687d22338\"\u003e\u003ccode\u003e74fa05e\u003c/code\u003e\u003c/a\u003e chore(tsconfig.json): narrow 'include' pattern to prevent TS6053 race conditi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/8c3d523d0ab0b3f8fad28fbaae6807e7aca7eb54\"\u003e\u003ccode\u003e8c3d523\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10630\"\u003e#10630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/TanStack/query/commit/9800c8f1a3f7907956410c23426a26d981e7d694\"\u003e\u003ccode\u003e9800c8f\u003c/code\u003e\u003c/a\u003e ci: Version Packages (\u003ca href=\"https://github.com/TanStack/query/tree/HEAD/packages/react-query/issues/10623\"\u003e#10623\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/TanStack/query/commits/@tanstack/react-query@5.100.14/packages/react-query\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​tanstack/react-query\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@trpc/client` from 11.7.1 to 11.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/trpc/trpc/releases\"\u003e@​trpc/client's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev11.17.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): bump next from 15.5.10 to 15.5.14 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7268\"\u003etrpc/trpc#7268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Review stale skills (v11.16.0) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7295\"\u003etrpc/trpc#7295\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(server): unwrap error from cause for streaming onError by \u003ca href=\"https://github.com/zirkelc\"\u003e\u003ccode\u003e@​zirkelc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7286\"\u003etrpc/trpc#7286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Add cache checks for openapi router fixtures by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7296\"\u003etrpc/trpc#7296\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Update Hey API for new type imports by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7298\"\u003etrpc/trpc#7298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Add oasdiff docs to openapi by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7299\"\u003etrpc/trpc#7299\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Add subscription inferrence helpers by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7303\"\u003etrpc/trpc#7303\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(www): Add accessible text to links without discernible text by \u003ca href=\"https://github.com/cyphercodes\"\u003e\u003ccode\u003e@​cyphercodes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7302\"\u003etrpc/trpc#7302\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency \u003ccode\u003e@​tanstack/intent\u003c/code\u003e to ^0.0.27 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7309\"\u003etrpc/trpc#7309\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency srvx to v0.11.14 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7310\"\u003etrpc/trpc#7310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency \u003ccode\u003e@​oxc-project/runtime\u003c/code\u003e to v0.123.0 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7311\"\u003etrpc/trpc#7311\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency \u003ccode\u003e@​clack/prompts\u003c/code\u003e to v1.2.0 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7312\"\u003etrpc/trpc#7312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump fastify from 5.8.1 to 5.8.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7288\"\u003etrpc/trpc#7288\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update codecov/codecov-action action to v6 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7313\"\u003etrpc/trpc#7313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency eslint-plugin-unicorn to v64 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7314\"\u003etrpc/trpc#7314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency undici to v8 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7316\"\u003etrpc/trpc#7316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(monorepo): remove versions from private workspaces by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7306\"\u003etrpc/trpc#7306\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(server): handle React 19 proxy coercion in createInnerProxy by \u003ca href=\"https://github.com/DORI2001\"\u003e\u003ccode\u003e@​DORI2001\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7336\"\u003etrpc/trpc#7336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add trpc-studio to awesome-trpc extensions by \u003ca href=\"https://github.com/sayefdeen\"\u003e\u003ccode\u003e@​sayefdeen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7340\"\u003etrpc/trpc#7340\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade pnpm to 10.33.1 by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7350\"\u003etrpc/trpc#7350\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: upgrade drizzle in next-sse-chat example by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7351\"\u003etrpc/trpc#7351\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(www): Add Legora to website logos by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7358\"\u003etrpc/trpc#7358\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cyphercodes\"\u003e\u003ccode\u003e@​cyphercodes\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7302\"\u003etrpc/trpc#7302\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DORI2001\"\u003e\u003ccode\u003e@​DORI2001\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7336\"\u003etrpc/trpc#7336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sayefdeen\"\u003e\u003ccode\u003e@​sayefdeen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7340\"\u003etrpc/trpc#7340\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trpc/trpc/compare/v11.16.0...v11.17.0\"\u003ehttps://github.com/trpc/trpc/compare/v11.16.0...v11.17.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: OpenAPI Cyclic Types support by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7283\"\u003etrpc/trpc#7283\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Review stale skills (manual) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7294\"\u003etrpc/trpc#7294\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003e@trpc/openapi\u003c/code\u003e 11.16.0-alpha\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDrops the type depth limit of 20, and significantly hardens cyclic-type support for both inference and Zod\u003c/li\u003e\n\u003cli\u003eSupport zod.lazy via Standard Schema fallback\u003c/li\u003e\n\u003cli\u003eStrip symbols from output (no more \u003ccode\u003e__@asyncIterator@5456\u003c/code\u003e symbols in output)\u003c/li\u003e\n\u003cli\u003eAdd more comprehensive types for the OpenAPI doc from the official package (now a dependency) and apply some patches to these types because they're slightly outdated\u003c/li\u003e\n\u003cli\u003eFixes several issues with gathering schema descriptions, such as consuming jsdoc comments from node_modules types\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7294\"\u003etrpc/trpc#7294\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trpc/trpc/compare/v11.15.1...v11.16.0\"\u003ehttps://github.com/trpc/trpc/compare/v11.15.1...v11.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/23c723cfeaf07da28a52a5c35c3dcccf96a47578\"\u003e\u003ccode\u003e23c723c\u003c/code\u003e\u003c/a\u003e v11.17.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/cb17317f15654ee7bce1d34f737fee64a8babb43\"\u003e\u003ccode\u003ecb17317\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency undici to v8 (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/client/issues/7316\"\u003e#7316\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/48c51585463c03c95db9d0ea97447c4ca6c68134\"\u003e\u003ccode\u003e48c5158\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​tanstack/intent\u003c/code\u003e to ^0.0.27 (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/client/issues/7309\"\u003e#7309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/59f2cdb3c58310733b06d3b2e16c94065fe0a9c3\"\u003e\u003ccode\u003e59f2cdb\u003c/code\u003e\u003c/a\u003e chore: Review stale skills (v11.16.0) (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/client/issues/7295\"\u003e#7295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/2713275631db358f17f2fec71a7f7e04b3db4add\"\u003e\u003ccode\u003e2713275\u003c/code\u003e\u003c/a\u003e v11.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/85b0ab89850167ae14ec5376044e2ac2a051c1d8\"\u003e\u003ccode\u003e85b0ab8\u003c/code\u003e\u003c/a\u003e v11.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/c4b1d7458ec869f6c51469f7fcd84b517d53ffae\"\u003e\u003ccode\u003ec4b1d74\u003c/code\u003e\u003c/a\u003e chore: Review stale skills (manual) (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/client/issues/7294\"\u003e#7294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/88b02b81d16d4046a709508799a905ac7bf9ce8b\"\u003e\u003ccode\u003e88b02b8\u003c/code\u003e\u003c/a\u003e v11.15.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/25b97f51ee4ee57da0da3c63cf54a50c6c8627d5\"\u003e\u003ccode\u003e25b97f5\u003c/code\u003e\u003c/a\u003e v11.15.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/88f9f622edeb213a1ec565dcf908ab92b9a983d6\"\u003e\u003ccode\u003e88f9f62\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​tanstack/intent\u003c/code\u003e to ^0.0.23 (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/client/issues/7274\"\u003e#7274\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/trpc/trpc/commits/v11.17.0/packages/client\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​trpc/client\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@trpc/react-query` from 11.7.1 to 11.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/trpc/trpc/releases\"\u003e@​trpc/react-query's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev11.17.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): bump next from 15.5.10 to 15.5.14 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7268\"\u003etrpc/trpc#7268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Review stale skills (v11.16.0) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7295\"\u003etrpc/trpc#7295\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(server): unwrap error from cause for streaming onError by \u003ca href=\"https://github.com/zirkelc\"\u003e\u003ccode\u003e@​zirkelc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7286\"\u003etrpc/trpc#7286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Add cache checks for openapi router fixtures by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7296\"\u003etrpc/trpc#7296\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Update Hey API for new type imports by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7298\"\u003etrpc/trpc#7298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Add oasdiff docs to openapi by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7299\"\u003etrpc/trpc#7299\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Add subscription inferrence helpers by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7303\"\u003etrpc/trpc#7303\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(www): Add accessible text to links without discernible text by \u003ca href=\"https://github.com/cyphercodes\"\u003e\u003ccode\u003e@​cyphercodes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7302\"\u003etrpc/trpc#7302\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency \u003ccode\u003e@​tanstack/intent\u003c/code\u003e to ^0.0.27 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7309\"\u003etrpc/trpc#7309\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency srvx to v0.11.14 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7310\"\u003etrpc/trpc#7310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency \u003ccode\u003e@​oxc-project/runtime\u003c/code\u003e to v0.123.0 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7311\"\u003etrpc/trpc#7311\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency \u003ccode\u003e@​clack/prompts\u003c/code\u003e to v1.2.0 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7312\"\u003etrpc/trpc#7312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump fastify from 5.8.1 to 5.8.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7288\"\u003etrpc/trpc#7288\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update codecov/codecov-action action to v6 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7313\"\u003etrpc/trpc#7313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency eslint-plugin-unicorn to v64 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7314\"\u003etrpc/trpc#7314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency undici to v8 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7316\"\u003etrpc/trpc#7316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(monorepo): remove versions from private workspaces by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7306\"\u003etrpc/trpc#7306\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(server): handle React 19 proxy coercion in createInnerProxy by \u003ca href=\"https://github.com/DORI2001\"\u003e\u003ccode\u003e@​DORI2001\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7336\"\u003etrpc/trpc#7336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add trpc-studio to awesome-trpc extensions by \u003ca href=\"https://github.com/sayefdeen\"\u003e\u003ccode\u003e@​sayefdeen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7340\"\u003etrpc/trpc#7340\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade pnpm to 10.33.1 by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7350\"\u003etrpc/trpc#7350\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: upgrade drizzle in next-sse-chat example by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7351\"\u003etrpc/trpc#7351\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(www): Add Legora to website logos by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7358\"\u003etrpc/trpc#7358\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cyphercodes\"\u003e\u003ccode\u003e@​cyphercodes\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7302\"\u003etrpc/trpc#7302\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DORI2001\"\u003e\u003ccode\u003e@​DORI2001\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7336\"\u003etrpc/trpc#7336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sayefdeen\"\u003e\u003ccode\u003e@​sayefdeen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7340\"\u003etrpc/trpc#7340\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trpc/trpc/compare/v11.16.0...v11.17.0\"\u003ehttps://github.com/trpc/trpc/compare/v11.16.0...v11.17.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: OpenAPI Cyclic Types support by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7283\"\u003etrpc/trpc#7283\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Review stale skills (manual) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7294\"\u003etrpc/trpc#7294\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003e@trpc/openapi\u003c/code\u003e 11.16.0-alpha\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDrops the type depth limit of 20, and significantly hardens cyclic-type support for both inference and Zod\u003c/li\u003e\n\u003cli\u003eSupport zod.lazy via Standard Schema fallback\u003c/li\u003e\n\u003cli\u003eStrip symbols from output (no more \u003ccode\u003e__@asyncIterator@5456\u003c/code\u003e symbols in output)\u003c/li\u003e\n\u003cli\u003eAdd more comprehensive types for the OpenAPI doc from the official package (now a dependency) and apply some patches to these types because they're slightly outdated\u003c/li\u003e\n\u003cli\u003eFixes several issues with gathering schema descriptions, such as consuming jsdoc comments from node_modules types\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7294\"\u003etrpc/trpc#7294\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trpc/trpc/compare/v11.15.1...v11.16.0\"\u003ehttps://github.com/trpc/trpc/compare/v11.15.1...v11.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/trpc/trpc/commits/v11.17.0/packages/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​trpc/react-query\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@trpc/server` from 11.12.0 to 11.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/trpc/trpc/releases\"\u003e@​trpc/server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev11.17.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): bump next from 15.5.10 to 15.5.14 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7268\"\u003etrpc/trpc#7268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Review stale skills (v11.16.0) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7295\"\u003etrpc/trpc#7295\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(server): unwrap error from cause for streaming onError by \u003ca href=\"https://github.com/zirkelc\"\u003e\u003ccode\u003e@​zirkelc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7286\"\u003etrpc/trpc#7286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Add cache checks for openapi router fixtures by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7296\"\u003etrpc/trpc#7296\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Update Hey API for new type imports by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7298\"\u003etrpc/trpc#7298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Add oasdiff docs to openapi by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7299\"\u003etrpc/trpc#7299\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: Add subscription inferrence helpers by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7303\"\u003etrpc/trpc#7303\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(www): Add accessible text to links without discernible text by \u003ca href=\"https://github.com/cyphercodes\"\u003e\u003ccode\u003e@​cyphercodes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7302\"\u003etrpc/trpc#7302\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency \u003ccode\u003e@​tanstack/intent\u003c/code\u003e to ^0.0.27 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7309\"\u003etrpc/trpc#7309\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency srvx to v0.11.14 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7310\"\u003etrpc/trpc#7310\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency \u003ccode\u003e@​oxc-project/runtime\u003c/code\u003e to v0.123.0 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7311\"\u003etrpc/trpc#7311\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency \u003ccode\u003e@​clack/prompts\u003c/code\u003e to v1.2.0 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7312\"\u003etrpc/trpc#7312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump fastify from 5.8.1 to 5.8.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7288\"\u003etrpc/trpc#7288\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update codecov/codecov-action action to v6 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7313\"\u003etrpc/trpc#7313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency eslint-plugin-unicorn to v64 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7314\"\u003etrpc/trpc#7314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency undici to v8 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7316\"\u003etrpc/trpc#7316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(monorepo): remove versions from private workspaces by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7306\"\u003etrpc/trpc#7306\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(server): handle React 19 proxy coercion in createInnerProxy by \u003ca href=\"https://github.com/DORI2001\"\u003e\u003ccode\u003e@​DORI2001\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7336\"\u003etrpc/trpc#7336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add trpc-studio to awesome-trpc extensions by \u003ca href=\"https://github.com/sayefdeen\"\u003e\u003ccode\u003e@​sayefdeen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7340\"\u003etrpc/trpc#7340\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: upgrade pnpm to 10.33.1 by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7350\"\u003etrpc/trpc#7350\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: upgrade drizzle in next-sse-chat example by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7351\"\u003etrpc/trpc#7351\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(www): Add Legora to website logos by \u003ca href=\"https://github.com/KATT\"\u003e\u003ccode\u003e@​KATT\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7358\"\u003etrpc/trpc#7358\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cyphercodes\"\u003e\u003ccode\u003e@​cyphercodes\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7302\"\u003etrpc/trpc#7302\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DORI2001\"\u003e\u003ccode\u003e@​DORI2001\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7336\"\u003etrpc/trpc#7336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sayefdeen\"\u003e\u003ccode\u003e@​sayefdeen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7340\"\u003etrpc/trpc#7340\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trpc/trpc/compare/v11.16.0...v11.17.0\"\u003ehttps://github.com/trpc/trpc/compare/v11.16.0...v11.17.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev11.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: OpenAPI Cyclic Types support by \u003ca href=\"https://github.com/Nick-Lucas\"\u003e\u003ccode\u003e@​Nick-Lucas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7283\"\u003etrpc/trpc#7283\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Review stale skills (manual) by \u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7294\"\u003etrpc/trpc#7294\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003e@trpc/openapi\u003c/code\u003e 11.16.0-alpha\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDrops the type depth limit of 20, and significantly hardens cyclic-type support for both inference and Zod\u003c/li\u003e\n\u003cli\u003eSupport zod.lazy via Standard Schema fallback\u003c/li\u003e\n\u003cli\u003eStrip symbols from output (no more \u003ccode\u003e__@asyncIterator@5456\u003c/code\u003e symbols in output)\u003c/li\u003e\n\u003cli\u003eAdd more comprehensive types for the OpenAPI doc from the official package (now a dependency) and apply some patches to these types because they're slightly outdated\u003c/li\u003e\n\u003cli\u003eFixes several issues with gathering schema descriptions, such as consuming jsdoc comments from node_modules types\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github-actions\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e[bot] made their first contribution in \u003ca href=\"https://redirect.github.com/trpc/trpc/pull/7294\"\u003etrpc/trpc#7294\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/trpc/trpc/compare/v11.15.1...v11.16.0\"\u003ehttps://github.com/trpc/trpc/compare/v11.15.1...v11.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/23c723cfeaf07da28a52a5c35c3dcccf96a47578\"\u003e\u003ccode\u003e23c723c\u003c/code\u003e\u003c/a\u003e v11.17.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/2c5b6a8c6366c005508c0f481ad3ae344653a6f8\"\u003e\u003ccode\u003e2c5b6a8\u003c/code\u003e\u003c/a\u003e fix(server): handle React 19 proxy coercion in createInnerProxy (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/server/issues/7336\"\u003e#7336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/7ba14fdb6c351d93747bc883c5c61af22702aadb\"\u003e\u003ccode\u003e7ba14fd\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency \u003ccode\u003e@​oxc-project/runtime\u003c/code\u003e to v0.123.0 (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/server/issues/7311\"\u003e#7311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/48c51585463c03c95db9d0ea97447c4ca6c68134\"\u003e\u003ccode\u003e48c5158\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency \u003ccode\u003e@​tanstack/intent\u003c/code\u003e to ^0.0.27 (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/server/issues/7309\"\u003e#7309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/d3c4051f03d0ca1f31177cadc10adff21c9048b8\"\u003e\u003ccode\u003ed3c4051\u003c/code\u003e\u003c/a\u003e feat: Add subscription inferrence helpers (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/server/issues/7303\"\u003e#7303\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/2b8a4f826d3b22829343cebd9b23e163dfeecd09\"\u003e\u003ccode\u003e2b8a4f8\u003c/code\u003e\u003c/a\u003e fix(server): unwrap error from cause for streaming onError (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/server/issues/7286\"\u003e#7286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/59f2cdb3c58310733b06d3b2e16c94065fe0a9c3\"\u003e\u003ccode\u003e59f2cdb\u003c/code\u003e\u003c/a\u003e chore: Review stale skills (v11.16.0) (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/server/issues/7295\"\u003e#7295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/2713275631db358f17f2fec71a7f7e04b3db4add\"\u003e\u003ccode\u003e2713275\u003c/code\u003e\u003c/a\u003e v11.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/85b0ab89850167ae14ec5376044e2ac2a051c1d8\"\u003e\u003ccode\u003e85b0ab8\u003c/code\u003e\u003c/a\u003e v11.15.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/trpc/trpc/commit/c4b1d7458ec869f6c51469f7fcd84b517d53ffae\"\u003e\u003ccode\u003ec4b1d74\u003c/code\u003e\u003c/a\u003e chore: Review stale skills (manual) (\u003ca href=\"https://github.com/trpc/trpc/tree/HEAD/packages/server/issues/7294\"\u003e#7294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/trpc/trpc/commits/v11.17.0/packages/server\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `axios` from 1.13.6 to 1.16.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/axios/axios/releases\"\u003eaxios's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.16.1 — May 13, 2026\u003c/h2\u003e\n\u003cp\u003eThis release ships a defence-in-depth fix for prototype pollution in \u003ccode\u003eformDataToJSON\u003c/code\u003e, hardens proxy and CI workflows, restores Webpack 4 compatibility for the fetch adapter, and includes several small bug fixes and maintenance improvements.\u003c/p\u003e\n\u003ch2\u003e🔒 Security Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePrototype Pollution Defence-in-Depth:\u003c/strong\u003e Hardened \u003ccode\u003eformDataToJSON\u003c/code\u003e against already-polluted \u003ccode\u003eObject.prototype\u003c/code\u003e by walking own properties only, so attacker-controlled keys inherited from a poisoned prototype cannot propagate through deserialization. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/7413\"\u003e#7413\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eProxy Cleartext Leak:\u003c/strong\u003e Fixed an issue where HTTPS request data could be transmitted in cleartext to an HTTP proxy under certain configurations. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10858\"\u003e#10858\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCI Cache Removal:\u003c/strong\u003e Removed all GitHub Actions caches as a defence-in-depth measure against cache poisoning vectors in the build pipeline. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10882\"\u003e#10882\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eData URI Parsing:\u003c/strong\u003e Updated the \u003ccode\u003efromDataURI\u003c/code\u003e regex to match RFC 2397 more strictly, fixing edge cases in \u003ccode\u003edata:\u003c/code\u003e URL handling. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10829\"\u003e#10829\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUnicode Headers:\u003c/strong\u003e Preserved Unicode header values when running through request interceptors, so non-ASCII header content is no longer corrupted before dispatch. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10850\"\u003e#10850\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eXHR Upload Progress:\u003c/strong\u003e Guarded against malformed \u003ccode\u003eProgressEvent\u003c/code\u003e payloads emitted by some environments during XHR upload, preventing crashes when \u003ccode\u003eloaded\u003c/code\u003e / \u003ccode\u003etotal\u003c/code\u003e are missing or invalid. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10868\"\u003e#10868\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWebpack 4 Fetch Adapter:\u003c/strong\u003e Fixed an \u0026quot;unexpected token\u0026quot; error caused by syntax in the fetch adapter that Webpack 4 could not parse, restoring compatibility for legacy bundler users. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10864\"\u003e#10864\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eType Definitions:\u003c/strong\u003e Made \u003ccode\u003eparseReviver\u003c/code\u003e \u003ccode\u003econtext.source\u003c/code\u003e optional in the type definitions to align with the ES2023 specification. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10837\"\u003e#10837\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eURL Object Support Reverted:\u003c/strong\u003e Reverted the change that allowed passing a \u003ccode\u003eURL\u003c/code\u003e object as \u003ccode\u003econfig.url\u003c/code\u003e (originally \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10866\"\u003e#10866\u003c/a\u003e\u003c/strong\u003e) due to regressions; this support will be reintroduced in a later release once the underlying issues are addressed. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10874\"\u003e#10874\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Maintenance \u0026amp; Chores\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCycle Detection Refactor:\u003c/strong\u003e Replaced the array-based cycle tracker in \u003ccode\u003etoJSONObject\u003c/code\u003e with a \u003ccode\u003eWeakSet\u003c/code\u003e, improving performance and memory behaviour on large nested structures. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10832\"\u003e#10832\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecomposeSignals Cleanup:\u003c/strong\u003e Refactored \u003ccode\u003ecomposeSignals\u003c/code\u003e to use a clearer early-return structure, simplifying the cancellation/abort composition path. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10844\"\u003e#10844\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAI Readiness \u0026amp; Repo Docs:\u003c/strong\u003e Added \u003ccode\u003eAGENTS.md\u003c/code\u003e and related contributor-guide updates for both human and AI agents, plus post-release documentation improvements. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10835\"\u003e#10835\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10841\"\u003e#10841\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDocs Improvements:\u003c/strong\u003e Clarified the GET request example, fixed the interceptor \u003ccode\u003eeject\u003c/code\u003e example to reference the correct instance, and corrected the Buzzoid sponsor description in the README. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10836\"\u003e#10836\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10853\"\u003e#10853\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10856\"\u003e#10856\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eSponsorship Tooling:\u003c/strong\u003e Fixed empty sponsor arrays in the sponsor processing script, added the ability to inject additional sponsors, updated the sponsorship link, and added a Twicsy advertisement entry. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10843\"\u003e#10843\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10859\"\u003e#10859\u003c/a\u003e\u003c/strong\u003e, \u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10869\"\u003e#10869\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDependencies:\u003c/strong\u003e Bumped \u003ccode\u003e@commitlint/cli\u003c/code\u003e from 20.5.0 to 20.5.2. (\u003cstrong\u003e\u003ca href=\"https://redirect.github.com/axios/axios/issues/10846\"\u003e#10846\u003c/a\u003e\u003c/strong\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🌟 New Contributors\u003c/h2\u003e\n\u003cp\u003eWe are thrilled to welcome our new contributors. Thank you for helping improve axios:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ca href=\"https://github.com/hpinmetaverse\"\u003e\u003ccode\u003e@​hpinmetaverse\u003c/code\u003e\u003c/a\u003e\u003c/strong\u003e (\u003cstrong\u003e\u003ca h...\n\n_Description has been truncated_","html_url":"https://github.com/Dianasmith6525/amerilendloan2/pull/21","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Dianasmith6525%2Famerilendloan2/issues/21","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/21/packages"}},{"old_version":"0.4.0","new_version":"0.7.2","update_type":"minor","path":null,"pr_created_at":"2026-05-22T23:51:55.000Z","version_change":"0.4.0 → 0.7.2","issue":{"uuid":"4506154405","node_id":"PR_kwDODiUv5M7ehbXL","number":17,"state":"closed","title":"Bump cookie and express","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-22T23:56:13.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-22T23:51:55.000Z","updated_at":"2026-05-22T23:56:15.000Z","time_to_close":258,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"cookie","repository_url":"https://github.com/jshttp/cookie","old_version":"0.4.0","new_version":"0.7.2"},{"name":"express","repository_url":"https://github.com/expressjs/express","old_version":"4.17.1","new_version":"4.22.2"}],"path":null,"ecosystem":"npm"},"body":"Bumps [cookie](https://github.com/jshttp/cookie) to 0.7.2 and updates ancestor dependency [express](https://github.com/expressjs/express). These dependencies need to be updated together.\n\nUpdates `cookie` from 0.4.0 to 0.7.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)  bc38ffd\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eAlthough not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd fast path for \u003ccode\u003eserialize\u003c/code\u003e without options, use \u003ccode\u003eobj.hasOwnProperty\u003c/code\u003e when parsing (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eperf: parse cookies ~10% faster (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e by \u003ca href=\"https://github.com/kurtextrem\"\u003e\u003ccode\u003e@​kurtextrem\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: narrow the validation of cookies to match RFC6265 (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/167\"\u003e#167\u003c/a\u003e by \u003ca href=\"https://github.com/bewinsnw\"\u003e\u003ccode\u003e@​bewinsnw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: add \u003ccode\u003emain\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e for rspack (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/166\"\u003e#166\u003c/a\u003e by \u003ca href=\"https://github.com/proudparrot2\"\u003e\u003ccode\u003e@​proudparrot2\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\"\u003ehttps://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003epartitioned\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003epriority\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eexpires\u003c/code\u003e option to reject invalid dates\u003c/li\u003e\n\u003cli\u003epref: improve default decode speed\u003c/li\u003e\n\u003cli\u003epref: remove slow string split in parse\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.4.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epref: read value only when assigning in parse\u003c/li\u003e\n\u003cli\u003epref: remove unnecessary regexp in parse\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.4.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003emaxAge\u003c/code\u003e option to reject invalid values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/d19eaa1a2bb9ca43ac0951edd852ba4e88e410e0\"\u003e\u003ccode\u003ed19eaa1\u003c/code\u003e\u003c/a\u003e 0.7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/bc38ffd0eae716b199236dda061d0bdc74192dd3\"\u003e\u003ccode\u003ebc38ffd\u003c/code\u003e\u003c/a\u003e Fix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/cf4658f492c5bd96aeaf5693c3500f8495031014\"\u003e\u003ccode\u003ecf4658f\u003c/code\u003e\u003c/a\u003e 0.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6a8b8f5a49af7897b98ebfb29a1c4955afa3d33e\"\u003e\u003ccode\u003e6a8b8f5\u003c/code\u003e\u003c/a\u003e Allow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/58015c0b93de0b63db245cfdc5a108e511a81ad0\"\u003e\u003ccode\u003e58015c0\u003c/code\u003e\u003c/a\u003e Remove more code and perf wins (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/ab057d6c06b94a7b1e3358e69a685ae49c97b627\"\u003e\u003ccode\u003eab057d6\u003c/code\u003e\u003c/a\u003e 0.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/5f02ca87688481dbcf155e49ca8b61732f30e542\"\u003e\u003ccode\u003e5f02ca8\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/a5d591ce8447dd63821779724f96ad3c774c8579\"\u003e\u003ccode\u003ea5d591c\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/51968f94b5e820adeceef505539fa193ffe2d105\"\u003e\u003ccode\u003e51968f9\u003c/code\u003e\u003c/a\u003e Skip isNaN\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e7ca51ade4b325307eedd6b4dec190983e9e2cc\"\u003e\u003ccode\u003e9e7ca51\u003c/code\u003e\u003c/a\u003e perf(parse): cache length, return early (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.4.0...v0.7.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.17.1 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.17.1...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Kibrands/musicApiRest/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Kibrands/musicApiRest/pull/17","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kibrands%2FmusicApiRest/issues/17","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/17/packages"}},{"old_version":null,"new_version":null,"update_type":"removal","path":null,"pr_created_at":"2026-05-22T22:49:01.000Z","version_change":"removed","issue":{"uuid":"4505979258","node_id":"PR_kwDORZ8qPc7eg4i8","number":144,"state":"open","title":"chore(deps): bump cookie and @auth/core","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":6,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-22T22:49:01.000Z","updated_at":"2026-05-22T22:49:47.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"cookie","repository_url":"https://github.com/jshttp/cookie","old_version":null,"new_version":null,"is_removal":true},{"name":"@auth/core","repository_url":"https://github.com/nextauthjs/next-auth","old_version":"0.34.3","new_version":"0.41.2"}],"path":null,"ecosystem":"npm"},"body":"Removes [cookie](https://github.com/jshttp/cookie). It's no longer used after updating ancestor dependency [@auth/core](https://github.com/nextauthjs/next-auth). These dependencies need to be updated together.\n\nRemoves `cookie`\n\nUpdates `@auth/core` from 0.34.3 to 0.41.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nextauthjs/next-auth/releases\"\u003e@​auth/core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​auth/core\u003c/code\u003e\u003ca href=\"https://github.com/0\"\u003e\u003ccode\u003e@​0\u003c/code\u003e\u003c/a\u003e.41.2\u003c/h2\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eproviders\u003c/strong\u003e: add issuer to GitHub provider for RFC 9207 compliance (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13410\"\u003e#13410\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esync package versions with npm registry (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13414\"\u003e#13414\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​auth/core\u003c/code\u003e\u003ca href=\"https://github.com/0\"\u003e\u003ccode\u003e@​0\u003c/code\u003e\u003c/a\u003e.41.1\u003c/h2\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esecurity issue from \u003ccode\u003enodemailer\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13305\"\u003e#13305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eupdate links for Credentials-based Authentication (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13258\"\u003e#13258\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​auth/core\u003c/code\u003e\u003ca href=\"https://github.com/0\"\u003e\u003ccode\u003e@​0\u003c/code\u003e\u003c/a\u003e.41.0\u003c/h2\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eproviders\u003c/strong\u003e: support custom baseURL for Gitlab (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13260\"\u003e#13260\u003c/a\u003e) (745751e9)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix build\u003c/li\u003e\n\u003cli\u003eadjust default fusionauth provider details (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/10868\"\u003e#10868\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/af9daa82a56952e601691a0c57f7e4740c5f2f58\"\u003e\u003ccode\u003eaf9daa8\u003c/code\u003e\u003c/a\u003e chore(release): bump package version(s) [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/d4dab3dd94f0f726a0db094b1ce0cf2231c98bcf\"\u003e\u003ccode\u003ed4dab3d\u003c/code\u003e\u003c/a\u003e chore: sync package versions with npm registry (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13414\"\u003e#13414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/8a23c5b27001fa05034c136fe3cbf8ee5199324b\"\u003e\u003ccode\u003e8a23c5b\u003c/code\u003e\u003c/a\u003e chore: fix lockfile (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13411\"\u003e#13411\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/2018202b9f9cf850c3c755393174125251f744ff\"\u003e\u003ccode\u003e2018202\u003c/code\u003e\u003c/a\u003e docs: fix TypeScript type mismatch in refresh token rotation example (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13396\"\u003e#13396\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/0eba7e442f10713873b418ed3433121f241e7456\"\u003e\u003ccode\u003e0eba7e4\u003c/code\u003e\u003c/a\u003e adapter-kysely: Update kysely for CVE-2026-33468 (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13407\"\u003e#13407\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/67f2b168d5e4dfbcec421ec42246fae786f71e52\"\u003e\u003ccode\u003e67f2b16\u003c/code\u003e\u003c/a\u003e fix(providers): add issuer to GitHub provider for RFC 9207 compliance (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13410\"\u003e#13410\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/f4570683676039dfa4e47e3fd69224d74dc7f6ca\"\u003e\u003ccode\u003ef457068\u003c/code\u003e\u003c/a\u003e docs: update middleware.ts references to proxy.ts for Next.js 16 (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13373\"\u003e#13373\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/c7c2cfa5780c72ee4adf6d93d830ef7ea8d252c5\"\u003e\u003ccode\u003ec7c2cfa\u003c/code\u003e\u003c/a\u003e docs: update Better Auth migration guide (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13334\"\u003e#13334\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/b4ef14ab51d26d5c9aaac757ef2155a100bc21da\"\u003e\u003ccode\u003eb4ef14a\u003c/code\u003e\u003c/a\u003e chore(release): bump version [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nextauthjs/next-auth/commit/2824fa1174a666df03cdee702584941b797c9404\"\u003e\u003ccode\u003e2824fa1\u003c/code\u003e\u003c/a\u003e feat: add next 16 support (\u003ca href=\"https://redirect.github.com/nextauthjs/next-auth/issues/13298\"\u003e#13298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nextauthjs/next-auth/compare/@auth/core@0.34.3...@auth/core@0.41.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~better-gustavo\"\u003ebetter-gustavo\u003c/a\u003e, a new releaser for \u003ccode\u003e@​auth/core\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/undone0603/authichain-unified/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/undone0603/authichain-unified/pull/144","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/undone0603%2Fauthichain-unified/issues/144","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/144/packages"}},{"old_version":"0.6.0","new_version":"1.1.1","update_type":"major","path":null,"pr_created_at":"2026-05-22T04:50:02.000Z","version_change":"0.6.0 → 1.1.1","issue":{"uuid":"4499913173","node_id":"PR_kwDOPXTbT87eNNb5","number":82,"state":"open","title":"chore(deps): bump cookie from 0.6.0 to 1.1.1","user":"dependabot[bot]","labels":["dependencies","configuration"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-22T04:50:02.000Z","updated_at":"2026-05-22T04:50:10.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"cookie","old_version":"0.6.0","new_version":"1.1.1","repository_url":"https://github.com/jshttp/cookie"}],"path":null,"ecosystem":"npm"},"body":"Bumps [cookie](https://github.com/jshttp/cookie) from 0.6.0 to 1.1.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOverwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)  c66147c\n\u003cul\u003e\n\u003cli\u003eWhen \u003ccode\u003evalue\u003c/code\u003e was provided in \u003ccode\u003eserialize(key, value, { value })\u003c/code\u003e the value in \u003ccode\u003eoptions\u003c/code\u003e was used instead of the value passed as an argument\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003estringifyCookie\u003c/code\u003e and \u003ccode\u003eparseSetCookie\u003c/code\u003e methods (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/214\"\u003e#214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename existing methods for clarity (old method names remain for backward compatibility)\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eparse\u003c/code\u003e → \u003ccode\u003eparseCookie\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eserialize\u003c/code\u003e → \u003ccode\u003estringifySetCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)  00b0327\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLoosen cookie name/value validation (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: \u003ccode\u003eoptions.priority\u003c/code\u003e used incorrect fallback (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/207\"\u003e#207\u003c/a\u003e) by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd import example to README (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/190\"\u003e#190\u003c/a\u003e) by \u003ca href=\"https://github.com/isnifer\"\u003e\u003ccode\u003e@​isnifer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow case insensitive options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/194\"\u003e#194\u003c/a\u003e)  3bed080\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse modern JS features, ship TypeScript definition (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/175\"\u003e#175\u003c/a\u003e)  1cc64ff\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003e__esModule\u003c/code\u003e marker, imports need to use \u003ccode\u003eimport { parse, serialize }\u003c/code\u003e or \u003ccode\u003eimport * as cookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eMinimum node.js v18\u003c/li\u003e\n\u003cli\u003eUses null prototype object for \u003ccode\u003eparse\u003c/code\u003e return value\u003c/li\u003e\n\u003cli\u003eChanges \u003ccode\u003estrict\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e to match the lower case strings (i.e. \u003ccode\u003elow\u003c/code\u003e, not \u003ccode\u003eLOW\u003c/code\u003e or \u003ccode\u003eLow\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/1b89eec4e33256ac31962f4c0d6e711fff478803\"\u003e\u003ccode\u003e1b89eec\u003c/code\u003e\u003c/a\u003e 1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/c66147c053c74b256287aa7c0a4e63082d786fb2\"\u003e\u003ccode\u003ec66147c\u003c/code\u003e\u003c/a\u003e Overwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/09cec9fd32aa777ddbf51a115c53f30728eccfbc\"\u003e\u003ccode\u003e09cec9f\u003c/code\u003e\u003c/a\u003e 1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/05ebd34fd5a1cdad950f68fc7429cade7dfd6997\"\u003e\u003ccode\u003e05ebd34\u003c/code\u003e\u003c/a\u003e Add tests for parsing top sites (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6214eaf968d60681f3f7fe76797270332c3569c9\"\u003e\u003ccode\u003e6214eaf\u003c/code\u003e\u003c/a\u003e Add benchmark for \u003ccode\u003eparseSetCookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/247\"\u003e#247\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/71798d72650df42288f74e5ab49b65ec44df74fe\"\u003e\u003ccode\u003e71798d7\u003c/code\u003e\u003c/a\u003e Fix skip over of boolean attributes (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e41cf10c88b45893141f2ee2dc98b23bdb57f24\"\u003e\u003ccode\u003e9e41cf1\u003c/code\u003e\u003c/a\u003e build(deps): bump the npm_and_yarn group across 1 directory with 4 updates (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6fea50679a97f65b5d6e3d291b2dad5816fcfddc\"\u003e\u003ccode\u003e6fea506\u003c/code\u003e\u003c/a\u003e Add parse method for \u003ccode\u003eset-cookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/00b032721c4dc9aeb7d3814ce790eadb4ebde59b\"\u003e\u003ccode\u003e00b0327\u003c/code\u003e\u003c/a\u003e Add side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/94586de038f16960cd5eb91ee499313734b02ab7\"\u003e\u003ccode\u003e94586de\u003c/code\u003e\u003c/a\u003e feat: remove dependabot from repo (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/242\"\u003e#242\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cookie\u0026package-manager=npm_and_yarn\u0026previous-version=0.6.0\u0026new-version=1.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Tomdrouv1/coherent.js/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Tomdrouv1/coherent.js/pull/82","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tomdrouv1%2Fcoherent.js/issues/82","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/82/packages"}},{"old_version":"0.5.0","new_version":"1.1.1","update_type":"major","path":null,"pr_created_at":"2026-05-22T04:35:17.000Z","version_change":"0.5.0 → 1.1.1","issue":{"uuid":"4499846797","node_id":"PR_kwDOSQyLJc7eM_8V","number":6,"state":"open","title":"build(deps): bump the npm_and_yarn group across 1 directory with 3 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-22T04:35:17.000Z","updated_at":"2026-05-22T04:35:56.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"npm_and_yarn","update_count":3,"packages":[{"name":"next","old_version":"15.0.3","new_version":"15.5.18","repository_url":"https://github.com/vercel/next.js"},{"name":"postcss","old_version":"8.4.35","new_version":"8.5.10","repository_url":"https://github.com/postcss/postcss"},{"name":"cookie","old_version":"0.5.0","new_version":"1.1.1","repository_url":"https://github.com/jshttp/cookie"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 3 updates in the / directory: [next](https://github.com/vercel/next.js), [postcss](https://github.com/postcss/postcss) and [cookie](https://github.com/jshttp/cookie).\n\nUpdates `next` from 15.0.3 to 15.5.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.18\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.16\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.15\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23869\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23869\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev15.5.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9ff92cebcaa6ba4e7463b6fd037a8510ba9b81ec\"\u003e\u003ccode\u003e9ff92ce\u003c/code\u003e\u003c/a\u003e v15.5.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/00ebe23562bd7eb32dd78730984bfadb47138bcf\"\u003e\u003ccode\u003e00ebe23\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/62c97ab0b5825e2cbc15f6b682d8286a8dd6a038\"\u003e\u003ccode\u003e62c97ab\u003c/code\u003e\u003c/a\u003e v15.5.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/423623ae38c106273085b66946ee5bf9aab77f2c\"\u003e\u003ccode\u003e423623a\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/fa787399b38d9aa702118f9bd23a8315b9f0ecc6\"\u003e\u003ccode\u003efa78739\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36e62c6eb7813e42d409eb487f93b829f4ad77e8\"\u003e\u003ccode\u003e36e62c6\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93588\"\u003e#93588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36589b5db512b7704cdadd873cbe49b6dbcc9261\"\u003e\u003ccode\u003e36589b5\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93596\"\u003e#93596\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ad6fd4e50e5aba20b60d283c42b89273a3167ccd\"\u003e\u003ccode\u003ead6fd4e\u003c/code\u003e\u003c/a\u003e v15.5.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/79d7dff1448483f0c8f187f98887b31019f6e494\"\u003e\u003ccode\u003e79d7dff\u003c/code\u003e\u003c/a\u003e Ignore malformed CSP nonce headers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/c4f69086cc8dcbd81b1dbc321c98ea874d90d6f8\"\u003e\u003ccode\u003ec4f6908\u003c/code\u003e\u003c/a\u003e router-server: guard upgrade proxy against absolute-url SSRF (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/77\"\u003e#77\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v15.0.3...v15.5.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postcss` from 8.4.35 to 8.5.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/releases\"\u003epostcss's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003ePostCSS 8.5 brought API to work better with non-CSS sources like HTML, Vue.js/Svelte sources or CSS-in-JS.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e during \u003ca href=\"https://redirect.github.com/postcss/postcss/issues/1995\"\u003ehis work\u003c/a\u003e on \u003ca href=\"https://stylelint.io\"\u003eStylelint\u003c/a\u003e added \u003ccode\u003eInput#document\u003c/code\u003e in additional to \u003ccode\u003eInput#css\u003c/code\u003e.\u003c/p\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003eroot.source.input.document //=\u0026gt; \u0026quot;\u0026lt;p\u0026gt;Hello\u0026lt;/p\u0026gt;\r\n                           //    \u0026lt;style\u0026gt;\r\n                           //    p {\r\n                           //      color: green;\r\n                           //    }\r\n                           //    \u0026lt;/style\u0026gt;\u0026quot;\r\nroot.source.input.css      //=\u0026gt; \u0026quot;p {\r\n                           //      color: green;\r\n                           //    }\u0026quot;\r\n\u003cp\u003e\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/postcss/postcss/blob/main/CHANGELOG.md\"\u003epostcss's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.5.10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed XSS via unescaped \u003ccode\u003e\u0026lt;/style\u0026gt;\u003c/code\u003e in non-bundler cases (by \u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up source map encoding paring in case of the error.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.8\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eProcessor#version\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved source map annotation cleaning performance (by CodeAnt AI).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003eContainerWithChildren\u003c/code\u003e type discriminating (by \u003ca href=\"https://github.com/Goodwine\"\u003e\u003ccode\u003e@​Goodwine\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003epackage.json\u003c/code\u003e→\u003ccode\u003eexports\u003c/code\u003e compatibility with some tools (by \u003ca href=\"https://github.com/JounQin\"\u003e\u003ccode\u003e@​JounQin\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Parcel compatibility issue (by \u003ca href=\"https://github.com/git-sumitchaudhary\"\u003e\u003ccode\u003e@​git-sumitchaudhary\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded more details to \u003ccode\u003eUnknown word\u003c/code\u003e error (by \u003ca href=\"https://github.com/hiepxanh\"\u003e\u003ccode\u003e@​hiepxanh\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed types (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed docs (by \u003ca href=\"https://github.com/catnipan\"\u003e\u003ccode\u003e@​catnipan\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed end position of rules with semicolon (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed backwards compatibility for complex cases (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.5 “Duke Alloces”\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eInput#document\u003c/code\u003e for sources like CSS-in-JS or HTML (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.4.49\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed custom syntax without \u003ccode\u003esource.offset\u003c/code\u003e (by \u003ca href=\"https://github.com/romainmenke\"\u003e\u003ccode\u003e@​romainmenke\u003c/code\u003e\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/33b9790263dc1562a46ce45d9532bd63e95b7986\"\u003e\u003ccode\u003e33b9790\u003c/code\u003e\u003c/a\u003e Release 8.5.10 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/536c79e4b01e58a3a56b09c3c0cf2323f4b9a28b\"\u003e\u003ccode\u003e536c79e\u003c/code\u003e\u003c/a\u003e Escape \u0026lt;/style\u0026gt; in CSS output (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2074\"\u003e#2074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/afa96b2a139ce625c4d27973313479c7c85f39d4\"\u003e\u003ccode\u003eafa96b2\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2073\"\u003e#2073\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/effe88bb87cabdc1876e02adbdd30f392f19f40d\"\u003e\u003ccode\u003eeffe88b\u003c/code\u003e\u003c/a\u003e Typo (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2072\"\u003e#2072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/3ee79a2c4a11e41d52db50b444eebe38299495ad\"\u003e\u003ccode\u003e3ee79a2\u003c/code\u003e\u003c/a\u003e Thread model (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/2e0683daca4dc2919211b03774f6b2d137136c01\"\u003e\u003ccode\u003e2e0683d\u003c/code\u003e\u003c/a\u003e Create incident response docs (\u003ca href=\"https://redirect.github.com/postcss/postcss/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/fe88ac29c06b7b218be32994cdc6ca1525bdf2c9\"\u003e\u003ccode\u003efe88ac2\u003c/code\u003e\u003c/a\u003e Release 8.5.9 version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/c551632496b87ab3f1965bfda5dc386b6c71963e\"\u003e\u003ccode\u003ec551632\u003c/code\u003e\u003c/a\u003e Avoid RegExp when we can use simple JS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/89a6b744060eb8dee743351c785a9fbe37d4525a\"\u003e\u003ccode\u003e89a6b74\u003c/code\u003e\u003c/a\u003e Move SECURITY.txt for docs folder to keep GitHub page cleaner\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/postcss/postcss/commit/6ceb8a46af9f9de821faee98f861bdf84617347b\"\u003e\u003ccode\u003e6ceb8a4\u003c/code\u003e\u003c/a\u003e Create SECURITY.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/postcss/postcss/compare/8.4.35...8.5.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cookie` from 0.5.0 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOverwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)  c66147c\n\u003cul\u003e\n\u003cli\u003eWhen \u003ccode\u003evalue\u003c/code\u003e was provided in \u003ccode\u003eserialize(key, value, { value })\u003c/code\u003e the value in \u003ccode\u003eoptions\u003c/code\u003e was used instead of the value passed as an argument\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003estringifyCookie\u003c/code\u003e and \u003ccode\u003eparseSetCookie\u003c/code\u003e methods (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/214\"\u003e#214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename existing methods for clarity (old method names remain for backward compatibility)\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eparse\u003c/code\u003e → \u003ccode\u003eparseCookie\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eserialize\u003c/code\u003e → \u003ccode\u003estringifySetCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)  00b0327\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLoosen cookie name/value validation (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: \u003ccode\u003eoptions.priority\u003c/code\u003e used incorrect fallback (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/207\"\u003e#207\u003c/a\u003e) by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd import example to README (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/190\"\u003e#190\u003c/a\u003e) by \u003ca href=\"https://github.com/isnifer\"\u003e\u003ccode\u003e@​isnifer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow case insensitive options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/194\"\u003e#194\u003c/a\u003e)  3bed080\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse modern JS features, ship TypeScript definition (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/175\"\u003e#175\u003c/a\u003e)  1cc64ff\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003e__esModule\u003c/code\u003e marker, imports need to use \u003ccode\u003eimport { parse, serialize }\u003c/code\u003e or \u003ccode\u003eimport * as cookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eMinimum node.js v18\u003c/li\u003e\n\u003cli\u003eUses null prototype object for \u003ccode\u003eparse\u003c/code\u003e return value\u003c/li\u003e\n\u003cli\u003eChanges \u003ccode\u003estrict\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e to match the lower case strings (i.e. \u003ccode\u003elow\u003c/code\u003e, not \u003ccode\u003eLOW\u003c/code\u003e or \u003ccode\u003eLow\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/1b89eec4e33256ac31962f4c0d6e711fff478803\"\u003e\u003ccode\u003e1b89eec\u003c/code\u003e\u003c/a\u003e 1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/c66147c053c74b256287aa7c0a4e63082d786fb2\"\u003e\u003ccode\u003ec66147c\u003c/code\u003e\u003c/a\u003e Overwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/09cec9fd32aa777ddbf51a115c53f30728eccfbc\"\u003e\u003ccode\u003e09cec9f\u003c/code\u003e\u003c/a\u003e 1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/05ebd34fd5a1cdad950f68fc7429cade7dfd6997\"\u003e\u003ccode\u003e05ebd34\u003c/code\u003e\u003c/a\u003e Add tests for parsing top sites (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6214eaf968d60681f3f7fe76797270332c3569c9\"\u003e\u003ccode\u003e6214eaf\u003c/code\u003e\u003c/a\u003e Add benchmark for \u003ccode\u003eparseSetCookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/247\"\u003e#247\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/71798d72650df42288f74e5ab49b65ec44df74fe\"\u003e\u003ccode\u003e71798d7\u003c/code\u003e\u003c/a\u003e Fix skip over of boolean attributes (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e41cf10c88b45893141f2ee2dc98b23bdb57f24\"\u003e\u003ccode\u003e9e41cf1\u003c/code\u003e\u003c/a\u003e build(deps): bump the npm_and_yarn group across 1 directory with 4 updates (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6fea50679a97f65b5d6e3d291b2dad5816fcfddc\"\u003e\u003ccode\u003e6fea506\u003c/code\u003e\u003c/a\u003e Add parse method for \u003ccode\u003eset-cookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/00b032721c4dc9aeb7d3814ce790eadb4ebde59b\"\u003e\u003ccode\u003e00b0327\u003c/code\u003e\u003c/a\u003e Add side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/94586de038f16960cd5eb91ee499313734b02ab7\"\u003e\u003ccode\u003e94586de\u003c/code\u003e\u003c/a\u003e feat: remove dependabot from repo (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/242\"\u003e#242\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.5.0...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/DingJun1028/esggo_original/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/DingJun1028/esggo_original/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DingJun1028%2Fesggo_original/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"0.4.2","new_version":"0.7.2","update_type":"minor","path":null,"pr_created_at":"2026-05-22T00:23:54.000Z","version_change":"0.4.2 → 0.7.2","issue":{"uuid":"4498791047","node_id":"PR_kwDOSkcNvs7eJp52","number":4,"state":"closed","title":"Bump the npm_and_yarn group across 1 directory with 25 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-22T00:24:26.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-22T00:23:54.000Z","updated_at":"2026-05-22T00:24:28.000Z","time_to_close":32,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":25,"packages":[{"name":"dottie","old_version":"2.0.6","new_version":"2.0.7","repository_url":"https://github.com/mickhansen/dottie.js"},{"name":"file-type","old_version":"16.5.4","new_version":"21.3.2","repository_url":"https://github.com/sindresorhus/file-type"},{"name":"multer","old_version":"1.4.5-lts.2","new_version":"2.1.1","repository_url":"https://github.com/expressjs/multer"},{"name":"sanitize-html","old_version":"1.4.2","new_version":"2.12.1","repository_url":"https://github.com/apostrophecms/apostrophe"},{"name":"sequelize","old_version":"6.37.7","new_version":"6.37.8","repository_url":"https://github.com/sequelize/sequelize"},{"name":"socket.io","old_version":"3.1.2","new_version":"4.6.2","repository_url":"https://github.com/socketio/socket.io"},{"name":"brace-expansion","old_version":"1.1.12","new_version":"2.1.0","repository_url":"https://github.com/juliangruber/brace-expansion"},{"name":"braces","old_version":"2.3.2","new_version":"removed","repository_url":"https://github.com/micromatch/braces"},{"name":"@xmldom/xmldom","old_version":"0.8.11","new_version":"0.8.13","repository_url":"https://github.com/xmldom/xmldom"},{"name":"cookie","old_version":"0.4.2","new_version":"0.7.2","repository_url":"https://github.com/jshttp/cookie"},{"name":"crypto-js","old_version":"3.3.0","new_version":"removed","repository_url":"https://github.com/brix/crypto-js"},{"name":"diff","old_version":"4.0.2","new_version":"4.0.4","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"diff","old_version":"5.0.0","new_version":"5.2.2","repository_url":"https://github.com/kpdecker/jsdiff"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"follow-redirects","old_version":"1.15.11","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"handlebars","old_version":"4.7.8","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 15 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [dottie](https://github.com/mickhansen/dottie.js) | `2.0.6` | `2.0.7` |\n| [file-type](https://github.com/sindresorhus/file-type) | `16.5.4` | `21.3.2` |\n| [multer](https://github.com/expressjs/multer) | `1.4.5-lts.2` | `2.1.1` |\n| [sanitize-html](https://github.com/apostrophecms/apostrophe/tree/HEAD/packages/sanitize-html) | `1.4.2` | `2.12.1` |\n| [sequelize](https://github.com/sequelize/sequelize) | `6.37.7` | `6.37.8` |\n| [socket.io](https://github.com/socketio/socket.io) | `3.1.2` | `4.6.2` |\n| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.12` | `2.1.0` |\n| [braces](https://github.com/micromatch/braces) | `2.3.2` | `removed` |\n| [@xmldom/xmldom](https://github.com/xmldom/xmldom) | `0.8.11` | `0.8.13` |\n| [cookie](https://github.com/jshttp/cookie) | `0.4.2` | `0.7.2` |\n| [crypto-js](https://github.com/brix/crypto-js) | `3.3.0` | `removed` |\n| [diff](https://github.com/kpdecker/jsdiff) | `4.0.2` | `4.0.4` |\n| [diff](https://github.com/kpdecker/jsdiff) | `5.0.0` | `5.2.2` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.3.3` | `3.4.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.11` | `1.16.0` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.8` | `4.7.9` |\n\n\nUpdates `dottie` from 2.0.6 to 2.0.7\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickhansen/dottie.js/commit/334c32b80ed536522b567ee6a844caf8e5fef9c3\"\u003e\u003ccode\u003e334c32b\u003c/code\u003e\u003c/a\u003e 2.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickhansen/dottie.js/commit/7e8fa1345a4b46325f0eab8d7aeb1c4deaefdb14\"\u003e\u003ccode\u003e7e8fa13\u003c/code\u003e\u003c/a\u003e fix: check all path segments for dangerous keys (bypass of CVE-2023-2… (\u003ca href=\"https://redirect.github.com/mickhansen/dottie.js/issues/43\"\u003e#43\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mickhansen/dottie.js/commit/a72eb993212939d60a2801843ce3e968dfc5c6a6\"\u003e\u003ccode\u003ea72eb99\u003c/code\u003e\u003c/a\u003e Update test GitHub Action (\u003ca href=\"https://redirect.github.com/mickhansen/dottie.js/issues/40\"\u003e#40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mickhansen/dottie.js/compare/v2.0.6...v2.0.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `file-type` from 16.5.4 to 21.3.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sindresorhus/file-type/releases\"\u003efile-type's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev21.3.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix ZIP bomb in known-size ZIP probing (GHSA-j47w-4g3g-c36v)  a155cd7\u003c/li\u003e\n\u003cli\u003eFix bound recursive BOM and ID3 detection  370ed91\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.3.1...v21.3.2\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.3.1...v21.3.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix infinite loop in ASF parser on malformed input (\u003ca href=\"https://github.com/sindresorhus/file-type/security/advisories/GHSA-5v7r-6r5c-r473\"\u003ehttps://github.com/sindresorhus/file-type/security/advisories/GHSA-5v7r-6r5c-r473\u003c/a\u003e)  319abf8\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.3.0...v21.3.1\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.3.0...v21.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Mach-O Universal (aka \u0026quot;Fat\u0026quot;) binaries and additional architectures (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/779\"\u003e#779\u003c/a\u003e)  d223491\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.2.0...v21.3.0\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.2.0...v21.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for SPSS data files (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/787\"\u003e#787\u003c/a\u003e)  889f638\u003c/li\u003e\n\u003cli\u003eAdd support for JMP (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/784\"\u003e#784\u003c/a\u003e)  093dba0\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.1.1...v21.2.0\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.1.1...v21.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.1.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix handling of partial Gunzip file (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/783\"\u003e#783\u003c/a\u003e)  710e053\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.1.0...v21.1.1\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.1.0...v21.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003e.tar.gz\u003c/code\u003e (gunzipped tarball file) (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/763\"\u003e#763\u003c/a\u003e)  eda03a7\u003c/li\u003e\n\u003cli\u003eAdd support for Windows registry (.reg) files   0db61ec 7d2ddcf\u003c/li\u003e\n\u003cli\u003eAdd support for Windows registry hive file (\u003ccode\u003e.dat\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/767\"\u003e#767\u003c/a\u003e)  f8d62be\u003c/li\u003e\n\u003cli\u003eFix: Handle partial unzip (\u003ca href=\"https://redirect.github.com/sindresorhus/file-type/issues/773\"\u003e#773\u003c/a\u003e)  7ad3a90\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/compare/v21.0.0...v21.1.0\"\u003ehttps://github.com/sindresorhus/file-type/compare/v21.0.0...v21.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev21.0.0\u003c/h2\u003e\n\u003ch3\u003eBreaking\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/e18028c3cc19441477c3459991fee9770d88c218\"\u003e\u003ccode\u003ee18028c\u003c/code\u003e\u003c/a\u003e 21.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/a155cd71323279de173c54e8c530d300d3854fdd\"\u003e\u003ccode\u003ea155cd7\u003c/code\u003e\u003c/a\u003e Fix ZIP bomb in known-size ZIP probing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/69548179cca2c0ab6a0cc93af59392f8c351cab1\"\u003e\u003ccode\u003e6954817\u003c/code\u003e\u003c/a\u003e Harden parser more\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/370ed9185d112eea4d989fecb843597b1d94cf09\"\u003e\u003ccode\u003e370ed91\u003c/code\u003e\u003c/a\u003e Fix bound recursive BOM and ID3 detection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/d2ecea187c47b944a9c001ae7637f02baed0825a\"\u003e\u003ccode\u003ed2ecea1\u003c/code\u003e\u003c/a\u003e Add a few more safeguards\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/41fcff5de64cfb53da6b2b9c048ebea8213f32c2\"\u003e\u003ccode\u003e41fcff5\u003c/code\u003e\u003c/a\u003e Update readme\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/a8f6934ddd93c3e12cc4ecb0cfc3e8d816d4b9fd\"\u003e\u003ccode\u003ea8f6934\u003c/code\u003e\u003c/a\u003e Fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/ad5857e5384874e853cc9c4c29b867f1135a7c30\"\u003e\u003ccode\u003ead5857e\u003c/code\u003e\u003c/a\u003e 21.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/5d2fedf104dc5067b51a1f31410aa60052c74f64\"\u003e\u003ccode\u003e5d2fedf\u003c/code\u003e\u003c/a\u003e Harden parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sindresorhus/file-type/commit/319abf871b50ba2fa221b4a7050059f1ae096f4f\"\u003e\u003ccode\u003e319abf8\u003c/code\u003e\u003c/a\u003e Fix infinite loop in ASF parser on malformed input\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sindresorhus/file-type/compare/v16.5.4...v21.3.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `multer` from 1.4.5-lts.2 to 2.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/multer/releases\"\u003emulter's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.1\u003c/h2\u003e\n\u003ch2\u003eImportant\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-3520\"\u003eCVE-2026-3520\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/multer/security/advisories/GHSA-5528-5vmv-3xc2\"\u003eGHSA-5528-5vmv-3xc2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: add node version to 25.x in CI by \u003ca href=\"https://github.com/imangas\"\u003e\u003ccode\u003e@​imangas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1372\"\u003eexpressjs/multer#1372\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1378\"\u003eexpressjs/multer#1378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump coverallsapp/github-action from 1.2.5 to 2.3.6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1377\"\u003eexpressjs/multer#1377\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump github/codeql-action from 3.24.7 to 4.32.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1376\"\u003eexpressjs/multer#1376\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump actions/upload-artifact from 4.5.0 to 7.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1375\"\u003eexpressjs/multer#1375\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump actions/checkout from 4.1.1 to 6.0.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1374\"\u003eexpressjs/multer#1374\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix error/abort handling by \u003ca href=\"https://github.com/ctcpip\"\u003e\u003ccode\u003e@​ctcpip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1373\"\u003eexpressjs/multer#1373\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e2.1.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1380\"\u003eexpressjs/multer#1380\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/imangas\"\u003e\u003ccode\u003e@​imangas\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1372\"\u003eexpressjs/multer#1372\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1378\"\u003eexpressjs/multer#1378\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/multer/compare/v2.1.0...v2.1.1\"\u003ehttps://github.com/expressjs/multer/compare/v2.1.0...v2.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.1.0\u003c/h2\u003e\n\u003ch2\u003eImportant\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-2359\"\u003eCVE-2026-2359\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/multer/security/advisories/GHSA-v52c-386h-88mc\"\u003eGHSA-v52c-386h-88mc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-3304\"\u003eCVE-2026-3304\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/multer/security/advisories/GHSA-xf7r-hgr6-v32p\"\u003eGHSA-xf7r-hgr6-v32p\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: add funding to package.json by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1346\"\u003eexpressjs/multer#1346\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: drop mkdirp dependency by \u003ca href=\"https://github.com/wojtekmaj\"\u003e\u003ccode\u003e@​wojtekmaj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1350\"\u003eexpressjs/multer#1350\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: drop object-assign dependency by \u003ca href=\"https://github.com/wojtekmaj\"\u003e\u003ccode\u003e@​wojtekmaj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1351\"\u003eexpressjs/multer#1351\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: drop xtend dependency by \u003ca href=\"https://github.com/wojtekmaj\"\u003e\u003ccode\u003e@​wojtekmaj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1352\"\u003eexpressjs/multer#1352\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(gitignore): ignore .nyc_output directory by \u003ca href=\"https://github.com/ShubhamOulkar\"\u003e\u003ccode\u003e@​ShubhamOulkar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1332\"\u003eexpressjs/multer#1332\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in README-vi.md regarding file upload by \u003ca href=\"https://github.com/Kunniii\"\u003e\u003ccode\u003e@​Kunniii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1366\"\u003eexpressjs/multer#1366\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in README-pt-br.md for array method by \u003ca href=\"https://github.com/matheushbm192\"\u003e\u003ccode\u003e@​matheushbm192\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1367\"\u003eexpressjs/multer#1367\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eheaders-support-utf8 by \u003ca href=\"https://github.com/Doc999tor\"\u003e\u003ccode\u003e@​Doc999tor\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1210\"\u003eexpressjs/multer#1210\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Turkish translation (README-tr.md) by \u003ca href=\"https://github.com/Sabandogan\"\u003e\u003ccode\u003e@​Sabandogan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1360\"\u003eexpressjs/multer#1360\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 2.1.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1371\"\u003eexpressjs/multer#1371\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wojtekmaj\"\u003e\u003ccode\u003e@​wojtekmaj\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1350\"\u003eexpressjs/multer#1350\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ShubhamOulkar\"\u003e\u003ccode\u003e@​ShubhamOulkar\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1332\"\u003eexpressjs/multer#1332\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kunniii\"\u003e\u003ccode\u003e@​Kunniii\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1366\"\u003eexpressjs/multer#1366\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/matheushbm192\"\u003e\u003ccode\u003e@​matheushbm192\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1367\"\u003eexpressjs/multer#1367\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Doc999tor\"\u003e\u003ccode\u003e@​Doc999tor\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1210\"\u003eexpressjs/multer#1210\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Sabandogan\"\u003e\u003ccode\u003e@​Sabandogan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1360\"\u003eexpressjs/multer#1360\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/multer/compare/v2.0.2...v2.1.0\"\u003ehttps://github.com/expressjs/multer/compare/v2.0.2...v2.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/multer/blob/main/CHANGELOG.md\"\u003emulter's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.1.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-3520\"\u003eCVE-2026-3520\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/multer/security/advisories/GHSA-5528-5vmv-3xc2\"\u003eGHSA-5528-5vmv-3xc2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix error/abort handling\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003edefParamCharset\u003c/code\u003e option for UTF-8 filename support (\u003ca href=\"https://redirect.github.com/expressjs/multer/pull/1210\"\u003e#1210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-2359\"\u003eCVE-2026-2359\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/multer/security/advisories/GHSA-v52c-386h-88mc\"\u003eGHSA-v52c-386h-88mc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2026-3304\"\u003eCVE-2026-3304\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/multer/security/advisories/GHSA-xf7r-hgr6-v32p\"\u003eGHSA-xf7r-hgr6-v32p\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-7338\"\u003eCVE-2025-7338\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/multer/security/advisories/GHSA-fjgf-rc76-4x9p\"\u003eGHSA-fjgf-rc76-4x9p\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-48997\"\u003eCVE-2025-48997\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/multer/security/advisories/GHSA-g5hg-p3ph-g8qg\"\u003eGHSA-g5hg-p3ph-g8qg\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBreaking change: The minimum supported Node version is now 10.16.0\u003c/strong\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-47935\"\u003eCVE-2025-47935\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/multer/security/advisories/GHSA-44fp-w29j-9vj5\"\u003eGHSA-44fp-w29j-9vj5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2025-47944\"\u003eCVE-2025-47944\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/multer/security/advisories/GHSA-4pg4-qvpc-4q3h\"\u003eGHSA-4pg4-qvpc-4q3h\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/multer/commit/368c8a10cca11854cf17c24029fefd1eafb1c059\"\u003e\u003ccode\u003e368c8a1\u003c/code\u003e\u003c/a\u003e 2.1.1 (\u003ca href=\"https://redirect.github.com/expressjs/multer/issues/1380\"\u003e#1380\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/multer/commit/7e66481f8b2e6c54b982b34c152479e096ce2752\"\u003e\u003ccode\u003e7e66481\u003c/code\u003e\u003c/a\u003e 🐛 fix recursion issue\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/multer/commit/643571ef85e9db94b87a777773f4d67156f82a3e\"\u003e\u003ccode\u003e643571e\u003c/code\u003e\u003c/a\u003e ✅ add explicit test for client able to send body without abrupt disconnect\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/multer/commit/e86fa523753f8d54ad0687bf52fb20044b6fa309\"\u003e\u003ccode\u003ee86fa52\u003c/code\u003e\u003c/a\u003e fix error/abort handling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/multer/commit/ca37779bf1f531a70af9977805380d0f51d293e2\"\u003e\u003ccode\u003eca37779\u003c/code\u003e\u003c/a\u003e chore(deps): bump actions/checkout from 4.1.1 to 6.0.2 (\u003ca href=\"https://redirect.github.com/expressjs/multer/issues/1374\"\u003e#1374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/multer/commit/13088f41e3bf8c3fc21d8c2867ffafb42470ed09\"\u003e\u003ccode\u003e13088f4\u003c/code\u003e\u003c/a\u003e chore(deps): bump actions/upload-artifact from 4.5.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/expressjs/multer/issues/1375\"\u003e#1375\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/multer/commit/bc6a1d1374f7ddc9baf9d22bf7c30f831c621e3a\"\u003e\u003ccode\u003ebc6a1d1\u003c/code\u003e\u003c/a\u003e chore(deps): bump github/codeql-action from 3.24.7 to 4.32.4 (\u003ca href=\"https://redirect.github.com/expressjs/multer/issues/1376\"\u003e#1376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/multer/commit/c496e931263a901ccfc0821ac21768ac23786f77\"\u003e\u003ccode\u003ec496e93\u003c/code\u003e\u003c/a\u003e chore(deps): bump coverallsapp/github-action from 1.2.5 to 2.3.6 (\u003ca href=\"https://redirect.github.com/expressjs/multer/issues/1377\"\u003e#1377\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/multer/commit/fa173d30d01f4e18a8be74570b2770c7230b8b05\"\u003e\u003ccode\u003efa173d3\u003c/code\u003e\u003c/a\u003e chore(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.3 (\u003ca href=\"https://redirect.github.com/expressjs/multer/issues/1378\"\u003e#1378\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/multer/commit/17d7f5193a237ebfd4c19274c7a6729538b4a9a0\"\u003e\u003ccode\u003e17d7f51\u003c/code\u003e\u003c/a\u003e chore: add node version to 25.x in CI\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/multer/compare/v1.4.5-lts.2...v2.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~ulisesgascon\"\u003eulisesgascon\u003c/a\u003e, a new releaser for multer since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sanitize-html` from 1.4.2 to 2.12.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apostrophecms/apostrophe/blob/main/packages/sanitize-html/CHANGELOG.md\"\u003esanitize-html's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.12.1 (2024-02-22)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDo not parse sourcemaps in \u003ccode\u003epost-css\u003c/code\u003e. This fixes a vulnerability in which information about the existence or non-existence of files on a server could be disclosed via properly crafted HTML input when the \u003ccode\u003estyle\u003c/code\u003e attribute is allowed by the configuration. Thanks to the \u003ca href=\"https://snyk.io/\"\u003eSnyk Security team\u003c/a\u003e for the disclosure and to \u003ca href=\"https://dylan.is/\"\u003eDylan Armstrong\u003c/a\u003e for the fix.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.12.0 (2024-02-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eIntroduced the \u003ccode\u003eallowedEmptyAttributes\u003c/code\u003e option, enabling explicit specification of empty string values for select attributes, with the default attribute set to \u003ccode\u003ealt\u003c/code\u003e. Thanks to \u003ca href=\"https://github.com/zhna123\"\u003eNa\u003c/a\u003e for the contribution.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eClarified the use of SVGs with a new test and changes to documentation. Thanks to \u003ca href=\"https://github.com/gkumar9891\"\u003eGauav Kumar\u003c/a\u003e for the contribution.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDo not process source maps when processing style tags with PostCSS.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.11.0 (2023-06-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix to allow \u003ccode\u003efalse\u003c/code\u003e in \u003ccode\u003eallowedClasses\u003c/code\u003e attributes. Thanks to \u003ca href=\"https://github.com/KevinSJ\"\u003eKevin Jiang\u003c/a\u003e for this fix!\u003c/li\u003e\n\u003cli\u003eUpgrade mocha version\u003c/li\u003e\n\u003cli\u003eApply small linter fixes in tests\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e.idea\u003c/code\u003e temp files to \u003ccode\u003e.gitignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThanks to \u003ca href=\"https://github.com/VitaliiShpital\"\u003eVitalii Shpital\u003c/a\u003e for the updates!\u003c/li\u003e\n\u003cli\u003eShow parseStyleAttributes warning in browser only. Thanks to \u003ca href=\"https://github.com/mog422\"\u003emog422\u003c/a\u003e for this update!\u003c/li\u003e\n\u003cli\u003eRemove empty non-boolean attributes via an exhaustive, configurable list of known non-boolean attributes. \u003ca href=\"https://github.com/dylanarmstrong\"\u003eThanks to Dylan Armstrong\u003c/a\u003e for this update!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.10.0 (2023-02-17)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix auto-adding escaped closing tags. In other words, do not add implied closing tags to disallowed tags when \u003ccode\u003edisallowedTagMode\u003c/code\u003e is set to any variant of \u003ccode\u003eescape\u003c/code\u003e -- just escape the disallowed tags that are present. This fixes [issue \u003ca href=\"https://github.com/apostrophecms/apostrophe/tree/HEAD/packages/sanitize-html/issues/464\"\u003e#464\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/apostrophecms/sanitize-html/issues/464\"\u003eapostrophecms/sanitize-html#464\u003c/a\u003e). Thanks to \u003ca href=\"https://github.com/dliebner\"\u003eDaniel Liebner\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003etagAllowed()\u003c/code\u003e helper function which takes a tag name and checks it against \u003ccode\u003eoptions.allowedTags\u003c/code\u003e and returns \u003ccode\u003etrue\u003c/code\u003e if the tag is allowed and \u003ccode\u003efalse\u003c/code\u003e if it is not.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.9.0 (2023-01-27)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd option parseStyleAttributes to skip style parsing. This fixes [issue \u003ca href=\"https://github.com/apostrophecms/apostrophe/tree/HEAD/packages/sanitize-html/issues/547\"\u003e#547\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/apostrophecms/sanitize-html/issues/547\"\u003eapostrophecms/sanitize-html#547\u003c/a\u003e). Thanks to \u003ca href=\"https://github.com/bertyhell\"\u003eBert Verhelst\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.8.1 (2022-12-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIf the argument is a number, convert it to a string, for backwards compatibility. Thanks to \u003ca href=\"https://github.com/alexander-schranz\"\u003eAlexander Schranz\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.8.0 (2022-12-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrades \u003ccode\u003ehtmlparser2\u003c/code\u003e to new major version \u003ccode\u003e^8.0.0\u003c/code\u003e. Thanks to \u003ca href=\"https://github.com/kedarchandrayan\"\u003eKedar Chandrayan\u003c/a\u003e for this contribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.7.3 (2022-10-24)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIf allowedTags is falsy but not exactly \u003ccode\u003efalse\u003c/code\u003e, then do not assume that all tags are allowed. Rather, allow no tags in this case, to be on the safe side. This matches the existing documentation and fixes [issue \u003ca href=\"https://github.com/apostrophecms/apostrophe/tree/HEAD/packages/sanitize-html/issues/176\"\u003e#176\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/apostrophecms/sanitize-html/issues/176\"\u003eapostrophecms/sanitize-html#176\u003c/a\u003e). Thanks to \u003ca href=\"https://github.com/kedarchandrayan\"\u003eKedar Chandrayan\u003c/a\u003e for the fix.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.7.2 (2022-09-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClosing tags must agree with opening tags. This fixes [issue \u003ca href=\"https://github.com/apostrophecms/apostrophe/tree/HEAD/packages/sanitize-html/issues/549\"\u003e#549\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/apostrophecms/sanitize-html/issues/549\"\u003eapostrophecms/sanitize-html#549\u003c/a\u003e), in which closing tags not associated with any permitted opening tag could be passed through. No known exploit exists, but it's better not to permit this. Thanks to\n\u003ca href=\"https://github.com/kedarchandrayan\"\u003eKedar Chandrayan\u003c/a\u003e for the report and the fix.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.7.1 (2022-07-20)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/apostrophecms/apostrophe/commits/2.12.1/packages/sanitize-html\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sequelize` from 6.37.7 to 6.37.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sequelize/sequelize/releases\"\u003esequelize's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.37.8\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/sequelize/sequelize/compare/v6.37.7...v6.37.8\"\u003e6.37.8\u003c/a\u003e (2026-03-07)\u003c/h2\u003e\n\u003ch3\u003eSecurity improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003evalidate cast types in JSON where clauses (\u003ca href=\"https://github.com/sequelize/sequelize/commit/b1475280b82159c11b829b43568da370f598a9e4\"\u003eb147528\u003c/a\u003e) (\u003ca href=\"https://github.com/sequelize/sequelize/security/advisories/GHSA-6457-6jrx-69cr\"\u003eCVE-2026-30951\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sequelize/sequelize/commit/cb7f99ad05de56137672ab95586359ff6ceba004\"\u003e\u003ccode\u003ecb7f99a\u003c/code\u003e\u003c/a\u003e fix: validate cast types in JSON where clauses\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sequelize/sequelize/commit/b1475280b82159c11b829b43568da370f598a9e4\"\u003e\u003ccode\u003eb147528\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sequelize/sequelize/commit/4b8b5b94a09220f7aae1e96d6d19ff65695fc100\"\u003e\u003ccode\u003e4b8b5b9\u003c/code\u003e\u003c/a\u003e meta: Fix MSSQL CI (\u003ca href=\"https://redirect.github.com/sequelize/sequelize/issues/17931\"\u003e#17931\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/sequelize/sequelize/compare/v6.37.7...v6.37.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~wikirik\"\u003ewikirik\u003c/a\u003e, a new releaser for sequelize since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `socket.io` from 3.1.2 to 4.6.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io/releases\"\u003esocket.io's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esocket.io-parser@3.4.4\u003c/h2\u003e\n\u003cp\u003eThis release includes a fix for \u003ca href=\"https://github.com/socketio/socket.io/security/advisories/GHSA-677m-j7p3-52f9\"\u003eCVE-2026-33151\u003c/a\u003e. Please upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd a limit to the number of binary attachments (\u003ca href=\"https://github.com/socketio/socket.io/commit/719f9ebab0772ffb882bd614b387e585c1aa75d4\"\u003e719f9eb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esocket.io-parser@3.3.5\u003c/h2\u003e\n\u003cp\u003eThis release includes a fix for \u003ca href=\"https://github.com/socketio/socket.io/security/advisories/GHSA-677m-j7p3-52f9\"\u003eCVE-2026-33151\u003c/a\u003e. Please upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd a limit to the number of binary attachments (\u003ca href=\"https://github.com/socketio/socket.io/commit/9d39f1f080510f036782f2177fac701cc041faaf\"\u003e9d39f1f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esocket.io-parser@4.2.6\u003c/h2\u003e\n\u003cp\u003eThis release includes a fix for \u003ca href=\"https://github.com/socketio/socket.io/security/advisories/GHSA-677m-j7p3-52f9\"\u003eCVE-2026-33151\u003c/a\u003e. Please upgrade as soon as possible.\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd a limit to the number of binary attachments (\u003ca href=\"https://github.com/socketio/socket.io/commit/b25738c416c4e32fbff62ee182afa8f6d0dacf78\"\u003eb25738c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esocket.io-parser@4.2.5\u003c/h2\u003e\n\u003cp\u003eThis release contains a bump of \u003ccode\u003edebug\u003c/code\u003e from \u003ccode\u003e~4.3.1\u003c/code\u003e to \u003ccode\u003e~4.4.1\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/socketio/socket.io/blob/4.6.2/CHANGELOG.md\"\u003esocket.io's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.6.1...4.6.2\"\u003e4.6.2\u003c/a\u003e (2023-05-31)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eexports:\u003c/strong\u003e move \u003ccode\u003etypes\u003c/code\u003e condition to the top (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4698\"\u003e#4698\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/3d44aae381af38349fdb808d510d9f47a0c2507e\"\u003e3d44aae\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.4.0\"\u003e\u003ccode\u003eengine.io@~6.4.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.6.0...4.6.1\"\u003e4.6.1\u003c/a\u003e (2023-02-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eproperly handle manually created dynamic namespaces (\u003ca href=\"https://github.com/socketio/socket.io/commit/0d0a7a22b5ff95f864216c529114b7dd41738d1e\"\u003e0d0a7a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypes:\u003c/strong\u003e fix nodenext module resolution compatibility (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4625\"\u003e#4625\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/d0b22c630208669aceb7ae013180c99ef90279b0\"\u003ed0b22c6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/engine.io/releases/tag/6.4.0\"\u003e\u003ccode\u003eengine.io@~6.4.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/websockets/ws/releases/tag/8.11.0\"\u003e\u003ccode\u003ews@~8.11.0\u003c/code\u003e\u003c/a\u003e (no change)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/socketio/socket.io/compare/4.5.4...4.6.0\"\u003e4.6.0\u003c/a\u003e (2023-02-07)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd timeout method to remote socket (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4558\"\u003e#4558\u003c/a\u003e) (\u003ca href=\"https://github.com/socketio/socket.io/commit/0c0eb0016317218c2be3641e706cfaa9bea39a2d\"\u003e0c0eb00\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003etypings:\u003c/strong\u003e properly type emits with timeout (\u003ca href=\"https://github.com/socketio/socket.io/commit/f3ada7d8ccc02eeced2b9b9ac8e4bc921eb630d2\"\u003ef3ada7d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003ch4\u003ePromise-based acknowledgements\u003c/h4\u003e\n\u003cp\u003eThis commit adds some syntactic sugar around acknowledgements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eemitWithAck()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"js\"\u003e\u003ccode\u003etry {\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/faf914c9ab3e06a6e84fc91774a4182e58f8ae70\"\u003e\u003ccode\u003efaf914c\u003c/code\u003e\u003c/a\u003e chore(release): 4.6.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/15af22fc22bc6030fcead322c106f07640336115\"\u003e\u003ccode\u003e15af22f\u003c/code\u003e\u003c/a\u003e refactor: add a noop handler for the error event\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/d3658944e562e538db094ef298d274821984dea2\"\u003e\u003ccode\u003ed365894\u003c/code\u003e\u003c/a\u003e chore: bump socket.io-parser to version 4.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/12b0de4f524083c31b613ce33e4fd9f8d313f434\"\u003e\u003ccode\u003e12b0de4\u003c/code\u003e\u003c/a\u003e chore: bump engine.io to version 6.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/3d44aae381af38349fdb808d510d9f47a0c2507e\"\u003e\u003ccode\u003e3d44aae\u003c/code\u003e\u003c/a\u003e fix(exports): move \u003ccode\u003etypes\u003c/code\u003e condition to the top (\u003ca href=\"https://redirect.github.com/socketio/socket.io/issues/4698\"\u003e#4698\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/cbf0362476a23a573233369f1119f7e305539336\"\u003e\u003ccode\u003ecbf0362\u003c/code\u003e\u003c/a\u003e docs(examples): bump dependencies for the private messaging example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/59280da20b5ab6509bafb87793cc0077d60d9c27\"\u003e\u003ccode\u003e59280da\u003c/code\u003e\u003c/a\u003e docs(examples): update examples to docker compose v2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/50a4d37cb82f2a14e058ae5a3038ee25796c2121\"\u003e\u003ccode\u003e50a4d37\u003c/code\u003e\u003c/a\u003e docs(changelog): add version of transitive dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/6458b2bef171aa0d7dea198297608ea2ed4b1db9\"\u003e\u003ccode\u003e6458b2b\u003c/code\u003e\u003c/a\u003e docs(example): basic WebSocket-only client\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/socketio/socket.io/commit/b56da8a99f4814d553064af175edcf747d5561d7\"\u003e\u003ccode\u003eb56da8a\u003c/code\u003e\u003c/a\u003e docs(examples): upgrade to React 18\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/socketio/socket.io/compare/3.1.2...4.6.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.12 to 2.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 2.x  14f1d91\u003c/li\u003e\n\u003cli\u003efmt  ed7780a\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  36603d5\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.0.2\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.0.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/1ee4a9069c69a51bd502aab289c0c6629c8920ca\"\u003e\u003ccode\u003e1ee4a90\u003c/code\u003e\u003c/a\u003e 2.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/b0302ac153ecfaad66752aac79bf30d2895db8f1\"\u003e\u003ccode\u003eb0302ac\u003c/code\u003e\u003c/a\u003e Add opt-in { max } mitigation to v2 legacy line (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/100\"\u003e#100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/73b5459d2ab973c984d01324769d306f66440c7e\"\u003e\u003ccode\u003e73b5459\u003c/code\u003e\u003c/a\u003e 2.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5\"\u003e\u003ccode\u003e311ac0d\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v to v2 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/a3efcee659ef0fb381e2b50d759c720900580a15\"\u003e\u003ccode\u003ea3efcee\u003c/code\u003e\u003c/a\u003e 2.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/14f1d91b0523ffb0c8bbe6a28dc98ddc56ae53bc\"\u003e\u003ccode\u003e14f1d91\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 2.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ed7780ab1cb8a7696f1813b5a945fcc70d8d1990\"\u003e\u003ccode\u003eed7780a\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/36603d5f3599a37af9e85eda30acd7d28599c36e\"\u003e\u003ccode\u003e36603d5\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/b9c0e57027317a8d0a56a7ccee28fc478d847da2\"\u003e\u003ccode\u003eb9c0e57\u003c/code\u003e\u003c/a\u003e 2.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/4d96d7dbca632806263efb0da8d1e9d8a2143cc2\"\u003e\u003ccode\u003e4d96d7d\u003c/code\u003e\u003c/a\u003e switch to fork of matcha that works on node\u0026gt;12\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.12...v2.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `braces`\n\nUpdates `micromatch` from 3.1.10 to 4.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/micromatch/releases\"\u003emicromatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.0.8\u003c/h2\u003e\n\u003cp\u003eUltimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We consider the issues low-priority, so even if you see automated scanners saying otherwise, don't be scared.\u003c/p\u003e\n\u003ch2\u003e4.0.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: Update picomatch to fix regression \u003ca href=\"https://redirect.github.com/micromatch/micromatch/issues/179\"\u003e#179\u003c/a\u003e (8becb55)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnforce newer version of picomatch with bugfixes\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md\"\u003emicromatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.0.8] - 2024-08-22\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebackported CVE-2024-4067 fix (from v4.0.6) over to 4.x branch\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.7] - 2024-05-22\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ethis is basically v4.0.5, with some README updates\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eit is vulnerable to CVE-2024-4067\u003c/strong\u003e\u003c/li\u003e\n\u003cli\u003eUpdated braces to v3.0.3 to avoid CVE-2024-4068\u003c/li\u003e\n\u003cli\u003edoes NOT break API compatibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.6] - 2024-05-21\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003ehasBraces\u003c/code\u003e to check if a pattern contains braces.\u003c/li\u003e\n\u003cli\u003eFixes CVE-2024-4067\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBREAKS API COMPATIBILITY\u003c/strong\u003e\u003c/li\u003e\n\u003cli\u003eShould be labeled as a major release, but it's not.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.1 - 4.0.5]\u003c/h2\u003e\n\u003ch2\u003e[4.0.0] - 2019-03-20\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdds support for \u003ccode\u003eoptions.onMatch\u003c/code\u003e. See the readme for details\u003c/li\u003e\n\u003cli\u003eAdds support for \u003ccode\u003eoptions.onIgnore\u003c/code\u003e. See the readme for details\u003c/li\u003e\n\u003cli\u003eAdds support for \u003ccode\u003eoptions.onResult\u003c/code\u003e. See the readme for details\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBreaking changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRequire Node.js \u0026gt;= 8.6\u003c/li\u003e\n\u003cli\u003eRemoved support for passing an array of brace patterns to \u003ccode\u003emicromatch.braces()\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eTo strictly enforce closing brackets (for \u003ccode\u003e{\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, and \u003ccode\u003e(\u003c/code\u003e), you must now use \u003ccode\u003estrictBrackets=true\u003c/code\u003e instead of \u003ccode\u003estrictErrors\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ecache\u003c/code\u003e - caching and all related options and methods have been removed\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eoptions.unixify\u003c/code\u003e was renamed to \u003ccode\u003eoptions.windows\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eoptions.nodupes\u003c/code\u003e Was removed. Duplicates are always removed by default. You can override this with custom behavior by using the \u003ccode\u003eonMatch\u003c/code\u003e, \u003ccode\u003eonResult\u003c/code\u003e and \u003ccode\u003eonIgnore\u003c/code\u003e functions.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eoptions.snapdragon\u003c/code\u003e was removed, as snapdragon is no longer used.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eoptions.sourcemap\u003c/code\u003e was removed, as snapdragon is no longer used, which provided sourcemap support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[3.0.0] - 2017-04-11\u003c/h2\u003e\n\u003cp\u003eComplete overhaul, with 36,000+ new unit tests validated against actual output generated by Bash and minimatch. More specifically, 35,000+ of the tests:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003emicromatch results are directly compared to bash results\u003c/li\u003e\n\u003cli\u003ein rare cases, when micromatch and bash disagree, micromatch's results are compared to minimatch's results\u003c/li\u003e\n\u003cli\u003emicromatch is much more accurate than minimatch, so there were cases where I had to make assumptions. I'll try to document these.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis refactor introduces a parser and compiler that are supersets of more granular parsers and compilers from other sub-modules. Each of these sub-modules has a singular responsibility and focuses on a certain type of matching that aligns with a specific part of the Bash \u0026quot;expansion\u0026quot; API.\u003c/p\u003e\n\u003cp\u003eThese sub-modules work like plugins to seamlessly create the micromatch parser/compiler, so that strings are parsed in one pass, an \u003ca href=\"https://gist.github.com/jonschlinkert/099c8914f56529f75bc757cc9e5e8e2a\"\u003eAST is created\u003c/a\u003e, then a new string is generated by the compiler.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/8bd704ec0d9894693d35da425d827819916be920\"\u003e\u003ccode\u003e8bd704e\u003c/code\u003e\u003c/a\u003e 4.0.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/a0e68416a44da10f3e4e30845ab95af4fd286d5a\"\u003e\u003ccode\u003ea0e6841\u003c/code\u003e\u003c/a\u003e run verb to generate README documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/4ec288484f6e8cccf597ad3d43529c31d0f7a02a\"\u003e\u003ccode\u003e4ec2884\u003c/code\u003e\u003c/a\u003e Merge branch 'v4' into hauserkristof-feature/v4.0.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/03aa8052171e878897eee5d7bb2ae0ae83ec2ade\"\u003e\u003ccode\u003e03aa805\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/micromatch/micromatch/issues/266\"\u003e#266\u003c/a\u003e from hauserkristof/feature/v4.0.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/814f5f70efcd100ca9d29198867812a3d6ab91a8\"\u003e\u003ccode\u003e814f5f7\u003c/code\u003e\u003c/a\u003e lint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/67fcce6a1077c2faf5ad0c5f998fa70202cc5dae\"\u003e\u003ccode\u003e67fcce6\u003c/code\u003e\u003c/a\u003e fix: CHANGELOG about braces \u0026amp; CVE-2024-4068, v4.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/113f2e3fa7cb30b429eda7c4c38475a8e8ba1b30\"\u003e\u003ccode\u003e113f2e3\u003c/code\u003e\u003c/a\u003e fix: CVE numbers in CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/d9dbd9a266686f44afb38da26fe016f96d1ec04f\"\u003e\u003ccode\u003ed9dbd9a\u003c/code\u003e\u003c/a\u003e feat: updated CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/2ab13157f416679f54e3a32b1425e184bd16749e\"\u003e\u003ccode\u003e2ab1315\u003c/code\u003e\u003c/a\u003e fix: use actions/setup-node@v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/micromatch/commit/1406ea38f3e24b29f4d4f46908d5cffcb3e6c4ce\"\u003e\u003ccode\u003e1406ea3\u003c/code\u003e\u003c/a\u003e feat: rework test to work on macos with node 10,12 and 14\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/micromatch/compare/3.1.10...4.0.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@xmldom/xmldom` from 0.8.11 to 0.8.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/xmldom/xmldom/releases\"\u003e@​xmldom/xmldom's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.8.13\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.12...0.8.13\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer.serializeToString()\u003c/code\u003e (and \u003ccode\u003eNode.toString()\u003c/code\u003e, \u003ccode\u003eNodeList.toString()\u003c/code\u003e) now accept a \u003ccode\u003erequireWellFormed\u003c/code\u003e option (fourth argument, after \u003ccode\u003eisHtml\u003c/code\u003e and \u003ccode\u003enodeFilter\u003c/code\u003e). When \u003ccode\u003e{ requireWellFormed: true }\u003c/code\u003e is passed, the serializer throws \u003ccode\u003eInvalidStateError\u003c/code\u003e for injection-prone node content, preventing XML injection via attacker-controlled node data. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-j759-j44w-7fr8\"\u003e\u003ccode\u003eGHSA-j759-j44w-7fr8\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-x6wf-f3px-wcqx\"\u003e\u003ccode\u003eGHSA-x6wf-f3px-wcqx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-f6ww-3ggp-fr8h\"\u003e\u003ccode\u003eGHSA-f6ww-3ggp-fr8h\u003c/code\u003e\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eComment: throws when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e--\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eProcessingInstruction: throws when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e?\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDocumentType: throws when \u003ccode\u003epublicId\u003c/code\u003e fails \u003ccode\u003ePubidLiteral\u003c/code\u003e, \u003ccode\u003esystemId\u003c/code\u003e fails \u003ccode\u003eSystemLiteral\u003c/code\u003e, or \u003ccode\u003einternalSubset\u003c/code\u003e contains \u003ccode\u003e]\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eSecurity: DOM traversal operations (\u003ccode\u003eXMLSerializer.serializeToString()\u003c/code\u003e, \u003ccode\u003eNode.prototype.normalize()\u003c/code\u003e, \u003ccode\u003eNode.prototype.cloneNode(true)\u003c/code\u003e, \u003ccode\u003eDocument.prototype.importNode(node, true)\u003c/code\u003e, \u003ccode\u003enode.textContent\u003c/code\u003e getter, \u003ccode\u003egetElementsByTagName()\u003c/code\u003e / \u003ccode\u003egetElementsByTagNameNS()\u003c/code\u003e / \u003ccode\u003egetElementsByClassName()\u003c/code\u003e / \u003ccode\u003egetElementById()\u003c/code\u003e) are now iterative. Previously, deeply nested DOM trees would exhaust the JavaScript call stack and throw an unrecoverable \u003ccode\u003eRangeError\u003c/code\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-2v35-w6hq-6mfw\"\u003e\u003ccode\u003eGHSA-2v35-w6hq-6mfw\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/Jvr2022\"\u003e\u003ccode\u003e@​Jvr2022\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/praveen-kv\"\u003e\u003ccode\u003e@​praveen-kv\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/decsecre583\"\u003e\u003ccode\u003e@​decsecre583\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/tlsbollei\"\u003e\u003ccode\u003e@​tlsbollei\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/KarimTantawey\"\u003e\u003ccode\u003e@​KarimTantawey\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003ch2\u003e0.8.12\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epreserve trailing whitespace in ProcessingInstruction data \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/962\"\u003e\u003ccode\u003e[#962](https://github.com/xmldom/xmldom/issues/962)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/42\"\u003e\u003ccode\u003e[#42](https://github.com/xmldom/xmldom/issues/42)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003ecreateCDATASection\u003c/code\u003e now throws \u003ccode\u003eInvalidCharacterError\u003c/code\u003e when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e, as required by the \u003ca href=\"https://dom.spec.whatwg.org/#dom-document-createcdatasection\"\u003eWHATWG DOM spec\u003c/a\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer\u003c/code\u003e now splits CDATASection nodes whose data contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e into adjacent CDATA sections at serialization time, preventing XML injection via mutation methods (\u003ccode\u003eappendData\u003c/code\u003e, \u003ccode\u003ereplaceData\u003c/code\u003e, \u003ccode\u003e.data =\u003c/code\u003e, \u003ccode\u003e.textContent =\u003c/code\u003e). \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCode that passes a string containing \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e to \u003ccode\u003ecreateCDATASection\u003c/code\u003e and relied on the previously unsafe behavior will now receive \u003ccode\u003eInvalidCharacterError\u003c/code\u003e. Use a mutation method such as \u003ccode\u003eappendData\u003c/code\u003e if you intentionally need \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e in a CDATASection node's data.\u003c/p\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/thesmartshadow\"\u003e\u003ccode\u003e@​thesmartshadow\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/stevenobiajulu\"\u003e\u003ccode\u003e@​stevenobiajulu\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/discussions/357\"\u003ehttps://github.com/xmldom/xmldom/discussions/357\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/xmldom/xmldom/blob/master/CHANGELOG.md\"\u003e@​xmldom/xmldom's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.12...0.8.13\"\u003e0.8.13\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer.serializeToString()\u003c/code\u003e (and \u003ccode\u003eNode.toString()\u003c/code\u003e, \u003ccode\u003eNodeList.toString()\u003c/code\u003e) now accept a \u003ccode\u003erequireWellFormed\u003c/code\u003e option (fourth argument, after \u003ccode\u003eisHtml\u003c/code\u003e and \u003ccode\u003enodeFilter\u003c/code\u003e). When \u003ccode\u003e{ requireWellFormed: true }\u003c/code\u003e is passed, the serializer throws \u003ccode\u003eInvalidStateError\u003c/code\u003e for injection-prone node content, preventing XML injection via attacker-controlled node data. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-j759-j44w-7fr8\"\u003e\u003ccode\u003eGHSA-j759-j44w-7fr8\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-x6wf-f3px-wcqx\"\u003e\u003ccode\u003eGHSA-x6wf-f3px-wcqx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-f6ww-3ggp-fr8h\"\u003e\u003ccode\u003eGHSA-f6ww-3ggp-fr8h\u003c/code\u003e\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eComment: throws when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e--\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eProcessingInstruction: throws when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e?\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDocumentType: throws when \u003ccode\u003epublicId\u003c/code\u003e fails \u003ccode\u003ePubidLiteral\u003c/code\u003e, \u003ccode\u003esystemId\u003c/code\u003e fails \u003ccode\u003eSystemLiteral\u003c/code\u003e, or \u003ccode\u003einternalSubset\u003c/code\u003e contains \u003ccode\u003e]\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eSecurity: DOM traversal operations (\u003ccode\u003eXMLSerializer.serializeToString()\u003c/code\u003e, \u003ccode\u003eNode.prototype.normalize()\u003c/code\u003e, \u003ccode\u003eNode.prototype.cloneNode(true)\u003c/code\u003e, \u003ccode\u003eDocument.prototype.importNode(node, true)\u003c/code\u003e, \u003ccode\u003enode.textContent\u003c/code\u003e getter, \u003ccode\u003egetElementsByTagName()\u003c/code\u003e / \u003ccode\u003egetElementsByTagNameNS()\u003c/code\u003e / \u003ccode\u003egetElementsByClassName()\u003c/code\u003e / \u003ccode\u003egetElementById()\u003c/code\u003e) are now iterative. Previously, deeply nested DOM trees would exhaust the JavaScript call stack and throw an unrecoverable \u003ccode\u003eRangeError\u003c/code\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-2v35-w6hq-6mfw\"\u003e\u003ccode\u003eGHSA-2v35-w6hq-6mfw\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/Jvr2022\"\u003e\u003ccode\u003e@​Jvr2022\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/praveen-kv\"\u003e\u003ccode\u003e@​praveen-kv\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/decsecre583\"\u003e\u003ccode\u003e@​decsecre583\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/tlsbollei\"\u003e\u003ccode\u003e@​tlsbollei\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/KarimTantawey\"\u003e\u003ccode\u003e@​KarimTantawey\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.9.8...0.9.9\"\u003e0.9.9\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimplement \u003ccode\u003eParentNode.children\u003c/code\u003e getter \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/960\"\u003e\u003ccode\u003e[#960](https://github.com/xmldom/xmldom/issues/960)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/410\"\u003e\u003ccode\u003e[#410](https://github.com/xmldom/xmldom/issues/410)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: \u003ccode\u003ecreateCDATASection\u003c/code\u003e now throws \u003ccode\u003eInvalidCharacterError\u003c/code\u003e when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e, as required by the \u003ca href=\"https://dom.spec.whatwg.org/#dom-document-createcdatasection\"\u003eWHATWG DOM spec\u003c/a\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer\u003c/code\u003e now splits CDATASection nodes whose data contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e into adjacent CDATA sections at serialization time, preventing XML injection via mutation methods (\u003ccode\u003eappendData\u003c/code\u003e, \u003ccode\u003ereplaceData\u003c/code\u003e, \u003ccode\u003e.data =\u003c/code\u003e, \u003ccode\u003e.textContent =\u003c/code\u003e). \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ecorrectly traverse ancestor chain in \u003ccode\u003eNode.contains\u003c/code\u003e \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/931\"\u003e\u003ccode\u003e[#931](https://github.com/xmldom/xmldom/issues/931)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCode that passes a string containing \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e to \u003ccode\u003ecreateCDATASection\u003c/code\u003e and relied on the previously unsafe behavior will now receive \u003ccode\u003eInvalidCharacterError\u003c/code\u003e. Use a mutation method such as \u003ccode\u003eappendData\u003c/code\u003e if you intentionally need \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e in a CDATASection node's data.\u003c/p\u003e\n\u003ch3\u003eChore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdated dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/stevenobiajulu\"\u003e\u003ccode\u003e@​stevenobiajulu\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/yoshi389111\"\u003e\u003ccode\u003e@​yoshi389111\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/thesmartshadow\"\u003e\u003ccode\u003e@​thesmartshadow\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12\"\u003e0.8.12\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epreserve trailing whitespace in ProcessingInstruction data \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/962\"\u003e\u003ccode\u003e[#962](https://github.com/xmldom/xmldom/issues/962)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/42\"\u003e\u003ccode\u003e[#42](https://github.com/xmldom/xmldom/issues/42)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/e5c14802592685bb872c042c54c3f73758875c85\"\u003e\u003ccode\u003ee5c1480\u003c/code\u003e\u003c/a\u003e 0.8.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/9611e20d75f059dc377f806a8f7ee7d1eaeaeb7c\"\u003e\u003ccode\u003e9611e20\u003c/code\u003e\u003c/a\u003e style: drop unused import in test file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/dc4dff3d1d0b5a6b97c52fcc1823a735b8821e62\"\u003e\u003ccode\u003edc4dff3\u003c/code\u003e\u003c/a\u003e docs: add 0.8.13 changelog entry\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/842fa38deedd2d9a9c90d0ad54aa1be75d2a41bc\"\u003e\u003ccode\u003e842fa38\u003c/code\u003e\u003c/a\u003e fix: prevent stack overflow in normalize (GHSA-2v35-w6hq-6mfw)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/aeff69f5a32e8c1bd540683da9e10718f84f595c\"\u003e\u003ccode\u003eaeff69f\u003c/code\u003e\u003c/a\u003e test: add normalize behavioral coverage to node.test.js\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/cbdb0d7db8ae70760bd4cc181cb8f30bb0cd9d88\"\u003e\u003ccode\u003ecbdb0d7\u003c/code\u003e\u003c/a\u003e fix: make walkDOM iterative to prevent stack overflow (GHSA-2v35-w6hq-6mfw)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/0b543d31794dc198c86a0358574cb5dec29674c5\"\u003e\u003ccode\u003e0b543d3\u003c/code\u003e\u003c/a\u003e test: assert namespace declarations are isolated between siblings in serializ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/c007c51909587990c962cf3d5c2acadf4c897b87\"\u003e\u003ccode\u003ec007c51\u003c/code\u003e\u003c/a\u003e refactor: migrate serializeToString to walkDOM\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/2bb3899074820089d9e76ce28a5edfdacf425025\"\u003e\u003ccode\u003e2bb3899\u003c/code\u003e\u003c/a\u003e test: add serializeToString coverage for uncovered branches\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/e69f38d0a58731152d300e8c8eb29506f5f488fe\"\u003e\u003ccode\u003ee69f38d\u003c/code\u003e\u003c/a\u003e refactor: migrate importNode to walkDOM\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.11...0.8.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~karfau\"\u003ekarfau\u003c/a\u003e, a new releaser for \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cookie` from 0.4.2 to 0.7.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.7.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)  bc38ffd\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eAlthough not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd fast path for \u003ccode\u003eserialize\u003c/code\u003e without options, use \u003ccode\u003eobj.hasOwnProperty\u003c/code\u003e when parsing (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\"\u003ehttps://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eperf: parse cookies ~10% faster (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e by \u003ca href=\"https://github.com/kurtextrem\"\u003e\u003ccode\u003e@​kurtextrem\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: narrow the validation of cookies to match RFC6265 (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/167\"\u003e#167\u003c/a\u003e by \u003ca href=\"https://github.com/bewinsnw\"\u003e\u003ccode\u003e@​bewinsnw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: add \u003ccode\u003emain\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e for rspack (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/166\"\u003e#166\u003c/a\u003e by \u003ca href=\"https://github.com/proudparrot2\"\u003e\u003ccode\u003e@​proudparrot2\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\"\u003ehttps://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003epartitioned\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003epriority\u003c/code\u003e option\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eexpires\u003c/code\u003e option to reject invalid dates\u003c/li\u003e\n\u003cli\u003epref: improve default decode speed\u003c/li\u003e\n\u003cli\u003epref: remove slow string split in parse\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/d19eaa1a2bb9ca43ac0951edd852ba4e88e410e0\"\u003e\u003ccode\u003ed19eaa1\u003c/code\u003e\u003c/a\u003e 0.7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/bc38ffd0eae716b199236dda061d0bdc74192dd3\"\u003e\u003ccode\u003ebc38ffd\u003c/code\u003e\u003c/a\u003e Fix object assignment of \u003ccode\u003ehasOwnProperty\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/177\"\u003e#177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/cf4658f492c5bd96aeaf5693c3500f8495031014\"\u003e\u003ccode\u003ecf4658f\u003c/code\u003e\u003c/a\u003e 0.7.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6a8b8f5a49af7897b98ebfb29a1c4955afa3d33e\"\u003e\u003ccode\u003e6a8b8f5\u003c/code\u003e\u003c/a\u003e Allow leading dot for domain (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/174\"\u003e#174\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/58015c0b93de0b63db245cfdc5a108e511a81ad0\"\u003e\u003ccode\u003e58015c0\u003c/code\u003e\u003c/a\u003e Remove more code and perf wins (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/ab057d6c06b94a7b1e3358e69a685ae49c97b627\"\u003e\u003ccode\u003eab057d6\u003c/code\u003e\u003c/a\u003e 0.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/5f02ca87688481dbcf155e49ca8b61732f30e542\"\u003e\u003ccode\u003e5f02ca8\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/a5d591ce8447dd63821779724f96ad3c774c8579\"\u003e\u003ccode\u003ea5d591c\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/51968f94b5e820adeceef505539fa193ffe2d105\"\u003e\u003ccode\u003e51968f9\u003c/code\u003e\u003c/a\u003e Skip isNaN\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e7ca51ade4b325307eedd6b4dec190983e9e2cc\"\u003e\u003ccode\u003e9e7ca51\u003c/code\u003e\u003c/a\u003e perf(parse): cache length, return early (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.4.2...v0.7.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nRemoves `crypto-js`\n\nUpdates `diff` from 4.0.2 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 4.0.2 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev4.0.3 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/f06f3e4cacad5955caf891a8a02c5bb1c954bcb5\"\u003e\u003ccode\u003ef06f3e4\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/0179a484ffaec7c8d5d6b69d8c3905473383de75\"\u003e\u003ccode\u003e0179a48\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4568cae5ae7646962bf3c5641907d1fb5af90683\"\u003e\u003ccode\u003e4568cae\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4de0ffa13ad51db7a27567c2b870fb4e43f0814a\"\u003e\u003ccode\u003e4de0ffa\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v4.0.2...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~explodingcabbage\"\u003eexplodingcabbage\u003c/a\u003e, a new releaser for diff since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 5.0.0 to 5.2.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.4 - January 2026\u003c/h2\u003e\n\u003cp\u003eOnly change from 4.0.2 is a backport of the fix to \u003ca href=\"https://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\"\u003ehttps://github.com/kpdecker/jsdiff/security/advisories/GHSA-73rr-hh4g-fpgx\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ev4.0.3 (deprecated)\u003c/h2\u003e\n\u003cp\u003eAccidental release - do not use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/f06f3e4cacad5955caf891a8a02c5bb1c954bcb5\"\u003e\u003ccode\u003ef06f3e4\u003c/code\u003e\u003c/a\u003e v4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/0179a484ffaec7c8d5d6b69d8c3905473383de75\"\u003e\u003ccode\u003e0179a48\u003c/code\u003e\u003c/a\u003e v4.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4568cae5ae7646962bf3c5641907d1fb5af90683\"\u003e\u003ccode\u003e4568cae\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/649\"\u003ekpdecker/jsdiff#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4de0ffa13ad51db7a27567c2b870fb4e43f0814a\"\u003e\u003ccode\u003e4de0ffa\u003c/code\u003e\u003c/a\u003e Backport \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/647\"\u003ekpdecker/jsdiff#647\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/v4.0.2...v4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~explodingcabbage\"\u003eexplodingcabbage\u003c/a\u003e, a new releaser for diff since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.3 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `follow-redirects` from 1.15.11 to 1.16.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/0c23a223067201c368035e82954c11eb2578a33b\"\u003e\u003ccode\u003e0c23a22\u003c/code\u003e\u003c/a\u003e Release version 1.16.0 of the npm package.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/844c4d302ac963d29bdb5dc1754ec7df3d70d7f9\"\u003e\u003ccode\u003e844c4d3\u003c/code\u003e\u003c/a\u003e Add sensitiveHeaders option.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/5e8b8d024e2c76f804a284258e585ecb49a575be\"\u003e\u003ccode\u003e5e8b8d0\u003c/code\u003e\u003c/a\u003e ci: add Node.js 24.x to the CI matrix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/7953e2255aa0b93602eed3804f3bc5e6923a03af\"\u003e\u003ccode\u003e7953e22\u003c/code\u003e\u003c/a\u003e ci: upgrade GitHub Actions to use setup-node@v6 and checkout@v6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/follow-redirects/follow-redirects/commit/86dc1f86e4b56bcd642c78384d51f10f123aea75\"\u003e\u003ccode\u003e86dc1f8\u003c/code\u003e\u003c/a\u003e Sanitizing input.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/follow-redirects/follow-redirects/compare/v1.15.11...v1.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `handlebars` from 4.7.8 to 4.7.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/handlebars-lang/handlebars.js/releases\"\u003ehandlebars's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.7.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: enable shell mode for spawn to resolve Windows EINVAL issue - e0137c2\u003c/li\u003e\n\u003cli\u003efix type \u0026quot;RuntimeOptions\u0026quot; also accepting string partials - eab1d14\u003c/li\u003e\n\u003cli\u003efeat(types): set \u003ccode\u003ehash\u003c/code\u003e to be a \u003ccode\u003eRecord\u0026lt;string, any\u0026gt;\u003c/code\u003e - de4414d\u003c/li\u003e\n\u003cli\u003efix non-contiguous program indices - 4512766\u003c/li\u003e\n\u003cli\u003erefactor: rename i to startPartIndex - e497a35\u003c/li\u003e\n\u003cli\u003esecurity: fix security issues - 68d8df5\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\"\u003ehttps://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca ...\n\n_Description has been truncated_","html_url":"https://github.com/fujimakis-sss/juice-shop/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/fujimakis-sss%2Fjuice-shop/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"}},{"old_version":"0.4.2","new_version":"1.1.1","update_type":"major","path":null,"pr_created_at":"2026-05-21T23:45:52.000Z","version_change":"0.4.2 → 1.1.1","issue":{"uuid":"4498653248","node_id":"PR_kwDOIt273s7eJOF_","number":557,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 1 directory with 5 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-21T23:45:52.000Z","updated_at":"2026-05-21T23:46:25.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":5,"packages":[{"name":"minimatch","old_version":"3.1.2","new_version":"9.0.9","repository_url":"https://github.com/isaacs/minimatch"},{"name":"@xmldom/xmldom","old_version":"0.8.10","new_version":"0.8.13","repository_url":"https://github.com/xmldom/xmldom"},{"name":"cookie","old_version":"0.4.2","new_version":"1.1.1","repository_url":"https://github.com/jshttp/cookie"},{"name":"flatted","old_version":"3.2.9","new_version":"3.4.2","repository_url":"https://github.com/WebReflection/flatted"},{"name":"lodash","old_version":"4.17.23","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 5 updates in the /web directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `9.0.9` |\n| [@xmldom/xmldom](https://github.com/xmldom/xmldom) | `0.8.10` | `0.8.13` |\n| [cookie](https://github.com/jshttp/cookie) | `0.4.2` | `1.1.1` |\n| [flatted](https://github.com/WebReflection/flatted) | `3.2.9` | `3.4.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.23` | `4.18.1` |\n\n\nUpdates `minimatch` from 3.1.2 to 9.0.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/minimatch/blob/main/changelog.md\"\u003eminimatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echange log\u003c/h1\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003ebraceExpandMax\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003emagicalBraces\u003c/code\u003e option for \u003ccode\u003eescape\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003emakeRe\u003c/code\u003e when \u003ccode\u003epartial: true\u003c/code\u003e is set.\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003emakeRe\u003c/code\u003e when pattern ends in a final \u003ccode\u003e**\u003c/code\u003e path part.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRequire node 20 or 22 and higher\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo default export, only named exports.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRecursive descent parser for extglob, allowing correct support\nfor arbitrarily nested extglob expressions\u003c/li\u003e\n\u003cli\u003eBump required Node.js version\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eescape()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eunescape()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eMinimatch.hasMagic()\u003c/code\u003e method\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for posix character classes in a unicode-aware way.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003ewindowsNoMagicRoot\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eoptimizationLevel\u003c/code\u003e configuration option, and revert the\ndefault back to the 6.2 style minimal optimizations, making the\nadvanced transforms introduced in 7.0 opt-in. Also, process\nprovided file paths in the same way in optimizationLevel:2\nmode, so \u003cem\u003emost\u003c/em\u003e things that matched with optimizationLevel 1 or\n0 \u003cem\u003eshould\u003c/em\u003e match with level 2 as well. However, level 1 is the\ndefault, out of an abundance of caution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/8a10e473e2e0ff03c2d4de308f257093af2bce21\"\u003e\u003ccode\u003e8a10e47\u003c/code\u003e\u003c/a\u003e 9.0.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/c6f180636cebd4de2f9af7ef29ca4c9bf2eeef02\"\u003e\u003ccode\u003ec6f1806\u003c/code\u003e\u003c/a\u003e brace-expansion@2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/446cfa3e2aa3ef45bd4a27fa4418221e158489f6\"\u003e\u003ccode\u003e446cfa3\u003c/code\u003e\u003c/a\u003e 9.0.8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/8fa151ab95fd4e2acd6e1a81f10d02dc7c1098d3\"\u003e\u003ccode\u003e8fa151a\u003c/code\u003e\u003c/a\u003e docs: add warning about ReDoS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/71b78a2a4cad3a40af08a39c065e71bbf69ea7f7\"\u003e\u003ccode\u003e71b78a2\u003c/code\u003e\u003c/a\u003e fix partial matching of globstar patterns\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/2de496f6d9362dd92460f35ffa6ff8de2907244b\"\u003e\u003ccode\u003e2de496f\u003c/code\u003e\u003c/a\u003e 9.0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/0d4616de9193bf1d359271662e92657bb51b2f75\"\u003e\u003ccode\u003e0d4616d\u003c/code\u003e\u003c/a\u003e limit nested extglob recursion, flatten extglobs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/7117ef381e74deace1c62a74d2298c8fe61d10ca\"\u003e\u003ccode\u003e7117ef3\u003c/code\u003e\u003c/a\u003e 9.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/2418458b7fe82e0a1fd1a1b6f618c41c90b9848a\"\u003e\u003ccode\u003e2418458\u003c/code\u003e\u003c/a\u003e update deps, do not checkin dist\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/isaacs/minimatch/commit/1d1f531009d5e4a86083de37e5ef3f301e073986\"\u003e\u003ccode\u003e1d1f531\u003c/code\u003e\u003c/a\u003e update deps\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/isaacs/minimatch/compare/v3.1.2...v9.0.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@xmldom/xmldom` from 0.8.10 to 0.8.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/xmldom/xmldom/releases\"\u003e@​xmldom/xmldom's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.8.13\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.12...0.8.13\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer.serializeToString()\u003c/code\u003e (and \u003ccode\u003eNode.toString()\u003c/code\u003e, \u003ccode\u003eNodeList.toString()\u003c/code\u003e) now accept a \u003ccode\u003erequireWellFormed\u003c/code\u003e option (fourth argument, after \u003ccode\u003eisHtml\u003c/code\u003e and \u003ccode\u003enodeFilter\u003c/code\u003e). When \u003ccode\u003e{ requireWellFormed: true }\u003c/code\u003e is passed, the serializer throws \u003ccode\u003eInvalidStateError\u003c/code\u003e for injection-prone node content, preventing XML injection via attacker-controlled node data. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-j759-j44w-7fr8\"\u003e\u003ccode\u003eGHSA-j759-j44w-7fr8\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-x6wf-f3px-wcqx\"\u003e\u003ccode\u003eGHSA-x6wf-f3px-wcqx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-f6ww-3ggp-fr8h\"\u003e\u003ccode\u003eGHSA-f6ww-3ggp-fr8h\u003c/code\u003e\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eComment: throws when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e--\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eProcessingInstruction: throws when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e?\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDocumentType: throws when \u003ccode\u003epublicId\u003c/code\u003e fails \u003ccode\u003ePubidLiteral\u003c/code\u003e, \u003ccode\u003esystemId\u003c/code\u003e fails \u003ccode\u003eSystemLiteral\u003c/code\u003e, or \u003ccode\u003einternalSubset\u003c/code\u003e contains \u003ccode\u003e]\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eSecurity: DOM traversal operations (\u003ccode\u003eXMLSerializer.serializeToString()\u003c/code\u003e, \u003ccode\u003eNode.prototype.normalize()\u003c/code\u003e, \u003ccode\u003eNode.prototype.cloneNode(true)\u003c/code\u003e, \u003ccode\u003eDocument.prototype.importNode(node, true)\u003c/code\u003e, \u003ccode\u003enode.textContent\u003c/code\u003e getter, \u003ccode\u003egetElementsByTagName()\u003c/code\u003e / \u003ccode\u003egetElementsByTagNameNS()\u003c/code\u003e / \u003ccode\u003egetElementsByClassName()\u003c/code\u003e / \u003ccode\u003egetElementById()\u003c/code\u003e) are now iterative. Previously, deeply nested DOM trees would exhaust the JavaScript call stack and throw an unrecoverable \u003ccode\u003eRangeError\u003c/code\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-2v35-w6hq-6mfw\"\u003e\u003ccode\u003eGHSA-2v35-w6hq-6mfw\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/Jvr2022\"\u003e\u003ccode\u003e@​Jvr2022\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/praveen-kv\"\u003e\u003ccode\u003e@​praveen-kv\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/decsecre583\"\u003e\u003ccode\u003e@​decsecre583\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/tlsbollei\"\u003e\u003ccode\u003e@​tlsbollei\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/KarimTantawey\"\u003e\u003ccode\u003e@​KarimTantawey\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003ch2\u003e0.8.12\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12\"\u003eCommits\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epreserve trailing whitespace in ProcessingInstruction data \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/962\"\u003e\u003ccode\u003e[#962](https://github.com/xmldom/xmldom/issues/962)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/42\"\u003e\u003ccode\u003e[#42](https://github.com/xmldom/xmldom/issues/42)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003ecreateCDATASection\u003c/code\u003e now throws \u003ccode\u003eInvalidCharacterError\u003c/code\u003e when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e, as required by the \u003ca href=\"https://dom.spec.whatwg.org/#dom-document-createcdatasection\"\u003eWHATWG DOM spec\u003c/a\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer\u003c/code\u003e now splits CDATASection nodes whose data contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e into adjacent CDATA sections at serialization time, preventing XML injection via mutation methods (\u003ccode\u003eappendData\u003c/code\u003e, \u003ccode\u003ereplaceData\u003c/code\u003e, \u003ccode\u003e.data =\u003c/code\u003e, \u003ccode\u003e.textContent =\u003c/code\u003e). \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCode that passes a string containing \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e to \u003ccode\u003ecreateCDATASection\u003c/code\u003e and relied on the previously unsafe behavior will now receive \u003ccode\u003eInvalidCharacterError\u003c/code\u003e. Use a mutation method such as \u003ccode\u003eappendData\u003c/code\u003e if you intentionally need \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e in a CDATASection node's data.\u003c/p\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/thesmartshadow\"\u003e\u003ccode\u003e@​thesmartshadow\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/stevenobiajulu\"\u003e\u003ccode\u003e@​stevenobiajulu\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/xmldom/xmldom/discussions/357\"\u003ehttps://github.com/xmldom/xmldom/discussions/357\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.8.11\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.10...0.8.11\"\u003e0.8.11\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate \u003ccode\u003eownerDocument\u003c/code\u003e when moving nodes between documents \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/933\"\u003e\u003ccode\u003e[#933](https://github.com/xmldom/xmldom/issues/933)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/932\"\u003e\u003ccode\u003e[#932](https://github.com/xmldom/xmldom/issues/932)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you, \u003ca href=\"https://github.com/shunkica\"\u003e\u003ccode\u003e@​shunkica\u003c/code\u003e\u003c/a\u003e, for your contributions\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/xmldom/xmldom/blob/master/CHANGELOG.md\"\u003e@​xmldom/xmldom's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.12...0.8.13\"\u003e0.8.13\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer.serializeToString()\u003c/code\u003e (and \u003ccode\u003eNode.toString()\u003c/code\u003e, \u003ccode\u003eNodeList.toString()\u003c/code\u003e) now accept a \u003ccode\u003erequireWellFormed\u003c/code\u003e option (fourth argument, after \u003ccode\u003eisHtml\u003c/code\u003e and \u003ccode\u003enodeFilter\u003c/code\u003e). When \u003ccode\u003e{ requireWellFormed: true }\u003c/code\u003e is passed, the serializer throws \u003ccode\u003eInvalidStateError\u003c/code\u003e for injection-prone node content, preventing XML injection via attacker-controlled node data. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-j759-j44w-7fr8\"\u003e\u003ccode\u003eGHSA-j759-j44w-7fr8\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-x6wf-f3px-wcqx\"\u003e\u003ccode\u003eGHSA-x6wf-f3px-wcqx\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-f6ww-3ggp-fr8h\"\u003e\u003ccode\u003eGHSA-f6ww-3ggp-fr8h\u003c/code\u003e\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eComment: throws when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e--\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eProcessingInstruction: throws when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e?\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDocumentType: throws when \u003ccode\u003epublicId\u003c/code\u003e fails \u003ccode\u003ePubidLiteral\u003c/code\u003e, \u003ccode\u003esystemId\u003c/code\u003e fails \u003ccode\u003eSystemLiteral\u003c/code\u003e, or \u003ccode\u003einternalSubset\u003c/code\u003e contains \u003ccode\u003e]\u0026gt;\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eSecurity: DOM traversal operations (\u003ccode\u003eXMLSerializer.serializeToString()\u003c/code\u003e, \u003ccode\u003eNode.prototype.normalize()\u003c/code\u003e, \u003ccode\u003eNode.prototype.cloneNode(true)\u003c/code\u003e, \u003ccode\u003eDocument.prototype.importNode(node, true)\u003c/code\u003e, \u003ccode\u003enode.textContent\u003c/code\u003e getter, \u003ccode\u003egetElementsByTagName()\u003c/code\u003e / \u003ccode\u003egetElementsByTagNameNS()\u003c/code\u003e / \u003ccode\u003egetElementsByClassName()\u003c/code\u003e / \u003ccode\u003egetElementById()\u003c/code\u003e) are now iterative. Previously, deeply nested DOM trees would exhaust the JavaScript call stack and throw an unrecoverable \u003ccode\u003eRangeError\u003c/code\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-2v35-w6hq-6mfw\"\u003e\u003ccode\u003eGHSA-2v35-w6hq-6mfw\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/Jvr2022\"\u003e\u003ccode\u003e@​Jvr2022\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/praveen-kv\"\u003e\u003ccode\u003e@​praveen-kv\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/TharVid\"\u003e\u003ccode\u003e@​TharVid\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/decsecre583\"\u003e\u003ccode\u003e@​decsecre583\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/tlsbollei\"\u003e\u003ccode\u003e@​tlsbollei\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/KarimTantawey\"\u003e\u003ccode\u003e@​KarimTantawey\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.9.8...0.9.9\"\u003e0.9.9\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimplement \u003ccode\u003eParentNode.children\u003c/code\u003e getter \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/960\"\u003e\u003ccode\u003e[#960](https://github.com/xmldom/xmldom/issues/960)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/410\"\u003e\u003ccode\u003e[#410](https://github.com/xmldom/xmldom/issues/410)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity: \u003ccode\u003ecreateCDATASection\u003c/code\u003e now throws \u003ccode\u003eInvalidCharacterError\u003c/code\u003e when \u003ccode\u003edata\u003c/code\u003e contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e, as required by the \u003ca href=\"https://dom.spec.whatwg.org/#dom-document-createcdatasection\"\u003eWHATWG DOM spec\u003c/a\u003e. \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity: \u003ccode\u003eXMLSerializer\u003c/code\u003e now splits CDATASection nodes whose data contains \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e into adjacent CDATA sections at serialization time, preventing XML injection via mutation methods (\u003ccode\u003eappendData\u003c/code\u003e, \u003ccode\u003ereplaceData\u003c/code\u003e, \u003ccode\u003e.data =\u003c/code\u003e, \u003ccode\u003e.textContent =\u003c/code\u003e). \u003ca href=\"https://github.com/xmldom/xmldom/security/advisories/GHSA-wh4c-j3r5-mjhp\"\u003e\u003ccode\u003eGHSA-wh4c-j3r5-mjhp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ecorrectly traverse ancestor chain in \u003ccode\u003eNode.contains\u003c/code\u003e \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/931\"\u003e\u003ccode\u003e[#931](https://github.com/xmldom/xmldom/issues/931)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eCode that passes a string containing \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e to \u003ccode\u003ecreateCDATASection\u003c/code\u003e and relied on the previously unsafe behavior will now receive \u003ccode\u003eInvalidCharacterError\u003c/code\u003e. Use a mutation method such as \u003ccode\u003eappendData\u003c/code\u003e if you intentionally need \u003ccode\u003e\u0026quot;]]\u0026gt;\u0026quot;\u003c/code\u003e in a CDATASection node's data.\u003c/p\u003e\n\u003ch3\u003eChore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdated dependencies\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThank you,\n\u003ca href=\"https://github.com/stevenobiajulu\"\u003e\u003ccode\u003e@​stevenobiajulu\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/yoshi389111\"\u003e\u003ccode\u003e@​yoshi389111\u003c/code\u003e\u003c/a\u003e,\n\u003ca href=\"https://github.com/thesmartshadow\"\u003e\u003ccode\u003e@​thesmartshadow\u003c/code\u003e\u003c/a\u003e,\nfor your contributions\u003c/p\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.11...0.8.12\"\u003e0.8.12\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epreserve trailing whitespace in ProcessingInstruction data \u003ca href=\"https://redirect.github.com/xmldom/xmldom/pull/962\"\u003e\u003ccode\u003e[#962](https://github.com/xmldom/xmldom/issues/962)\u003c/code\u003e\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/xmldom/xmldom/issues/42\"\u003e\u003ccode\u003e[#42](https://github.com/xmldom/xmldom/issues/42)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/e5c14802592685bb872c042c54c3f73758875c85\"\u003e\u003ccode\u003ee5c1480\u003c/code\u003e\u003c/a\u003e 0.8.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/9611e20d75f059dc377f806a8f7ee7d1eaeaeb7c\"\u003e\u003ccode\u003e9611e20\u003c/code\u003e\u003c/a\u003e style: drop unused import in test file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/dc4dff3d1d0b5a6b97c52fcc1823a735b8821e62\"\u003e\u003ccode\u003edc4dff3\u003c/code\u003e\u003c/a\u003e docs: add 0.8.13 changelog entry\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/842fa38deedd2d9a9c90d0ad54aa1be75d2a41bc\"\u003e\u003ccode\u003e842fa38\u003c/code\u003e\u003c/a\u003e fix: prevent stack overflow in normalize (GHSA-2v35-w6hq-6mfw)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/aeff69f5a32e8c1bd540683da9e10718f84f595c\"\u003e\u003ccode\u003eaeff69f\u003c/code\u003e\u003c/a\u003e test: add normalize behavioral coverage to node.test.js\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/cbdb0d7db8ae70760bd4cc181cb8f30bb0cd9d88\"\u003e\u003ccode\u003ecbdb0d7\u003c/code\u003e\u003c/a\u003e fix: make walkDOM iterative to prevent stack overflow (GHSA-2v35-w6hq-6mfw)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/0b543d31794dc198c86a0358574cb5dec29674c5\"\u003e\u003ccode\u003e0b543d3\u003c/code\u003e\u003c/a\u003e test: assert namespace declarations are isolated between siblings in serializ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/c007c51909587990c962cf3d5c2acadf4c897b87\"\u003e\u003ccode\u003ec007c51\u003c/code\u003e\u003c/a\u003e refactor: migrate serializeToString to walkDOM\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/2bb3899074820089d9e76ce28a5edfdacf425025\"\u003e\u003ccode\u003e2bb3899\u003c/code\u003e\u003c/a\u003e test: add serializeToString coverage for uncovered branches\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/xmldom/xmldom/commit/e69f38d0a58731152d300e8c8eb29506f5f488fe\"\u003e\u003ccode\u003ee69f38d\u003c/code\u003e\u003c/a\u003e refactor: migrate importNode to walkDOM\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/xmldom/xmldom/compare/0.8.10...0.8.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~karfau\"\u003ekarfau\u003c/a\u003e, a new releaser for \u003ccode\u003e@​xmldom/xmldom\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cookie` from 0.4.2 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOverwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)  c66147c\n\u003cul\u003e\n\u003cli\u003eWhen \u003ccode\u003evalue\u003c/code\u003e was provided in \u003ccode\u003eserialize(key, value, { value })\u003c/code\u003e the value in \u003ccode\u003eoptions\u003c/code\u003e was used instead of the value passed as an argument\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003estringifyCookie\u003c/code\u003e and \u003ccode\u003eparseSetCookie\u003c/code\u003e methods (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/214\"\u003e#214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename existing methods for clarity (old method names remain for backward compatibility)\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eparse\u003c/code\u003e → \u003ccode\u003eparseCookie\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eserialize\u003c/code\u003e → \u003ccode\u003estringifySetCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)  00b0327\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLoosen cookie name/value validation (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: \u003ccode\u003eoptions.priority\u003c/code\u003e used incorrect fallback (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/207\"\u003e#207\u003c/a\u003e) by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd import example to README (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/190\"\u003e#190\u003c/a\u003e) by \u003ca href=\"https://github.com/isnifer\"\u003e\u003ccode\u003e@​isnifer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow case insensitive options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/194\"\u003e#194\u003c/a\u003e)  3bed080\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse modern JS features, ship TypeScript definition (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/175\"\u003e#175\u003c/a\u003e)  1cc64ff\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003e__esModule\u003c/code\u003e marker, imports need to use \u003ccode\u003eimport { parse, serialize }\u003c/code\u003e or \u003ccode\u003eimport * as cookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eMinimum node.js v18\u003c/li\u003e\n\u003cli\u003eUses null prototype object for \u003ccode\u003eparse\u003c/code\u003e return value\u003c/li\u003e\n\u003cli\u003eChanges \u003ccode\u003estrict\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e to match the lower case strings (i.e. \u003ccode\u003elow\u003c/code\u003e, not \u003ccode\u003eLOW\u003c/code\u003e or \u003ccode\u003eLow\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/1b89eec4e33256ac31962f4c0d6e711fff478803\"\u003e\u003ccode\u003e1b89eec\u003c/code\u003e\u003c/a\u003e 1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/c66147c053c74b256287aa7c0a4e63082d786fb2\"\u003e\u003ccode\u003ec66147c\u003c/code\u003e\u003c/a\u003e Overwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/09cec9fd32aa777ddbf51a115c53f30728eccfbc\"\u003e\u003ccode\u003e09cec9f\u003c/code\u003e\u003c/a\u003e 1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/05ebd34fd5a1cdad950f68fc7429cade7dfd6997\"\u003e\u003ccode\u003e05ebd34\u003c/code\u003e\u003c/a\u003e Add tests for parsing top sites (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6214eaf968d60681f3f7fe76797270332c3569c9\"\u003e\u003ccode\u003e6214eaf\u003c/code\u003e\u003c/a\u003e Add benchmark for \u003ccode\u003eparseSetCookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/247\"\u003e#247\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/71798d72650df42288f74e5ab49b65ec44df74fe\"\u003e\u003ccode\u003e71798d7\u003c/code\u003e\u003c/a\u003e Fix skip over of boolean attributes (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e41cf10c88b45893141f2ee2dc98b23bdb57f24\"\u003e\u003ccode\u003e9e41cf1\u003c/code\u003e\u003c/a\u003e build(deps): bump the npm_and_yarn group across 1 directory with 4 updates (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6fea50679a97f65b5d6e3d291b2dad5816fcfddc\"\u003e\u003ccode\u003e6fea506\u003c/code\u003e\u003c/a\u003e Add parse method for \u003ccode\u003eset-cookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/00b032721c4dc9aeb7d3814ce790eadb4ebde59b\"\u003e\u003ccode\u003e00b0327\u003c/code\u003e\u003c/a\u003e Add side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/94586de038f16960cd5eb91ee499313734b02ab7\"\u003e\u003ccode\u003e94586de\u003c/code\u003e\u003c/a\u003e feat: remove dependabot from repo (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/242\"\u003e#242\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.4.2...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.2.9 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.2.9...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.23 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/zehguilherme/studio-amanda-borges/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/zehguilherme/studio-amanda-borges/pull/557","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/zehguilherme%2Fstudio-amanda-borges/issues/557","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/557/packages"}},{"old_version":null,"new_version":null,"update_type":"removal","path":null,"pr_created_at":"2026-05-21T23:05:53.000Z","version_change":"removed","issue":{"uuid":"4498475478","node_id":"PR_kwDOFUNh887eIo0n","number":21,"state":"closed","title":"deps(deps): bump cookie and next","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-21T23:42:30.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-21T23:05:53.000Z","updated_at":"2026-05-21T23:42:32.000Z","time_to_close":2197,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(deps)","packages":[{"name":"cookie","repository_url":"https://github.com/jshttp/cookie","old_version":null,"new_version":null,"is_removal":true},{"name":"next","repository_url":"https://github.com/vercel/next.js","old_version":"9.3.3","new_version":"16.2.6"}],"path":null,"ecosystem":"npm"},"body":"Removes [cookie](https://github.com/jshttp/cookie). It's no longer used after updating ancestor dependency [next](https://github.com/vercel/next.js). These dependencies need to be updated together.\n\nRemoves `cookie`\n\nUpdates `next` from 9.3.3 to 16.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev16.2.6\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - \u003cstrong\u003eIncomplete Fix Follow-Up\u003c/strong\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModerate:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eLow:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: preserve HTTP access fallbacks during prerender recovery (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92231\"\u003e#92231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fallback route params case in app-page handler (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91737\"\u003e#91737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix invalid HTML response for route-level RSC requests in deployment adapter (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91541\"\u003e#91541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePatch setHeader for direct route handlers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93101\"\u003e#93101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInclude deployment id in \u003ccode\u003ecacheHandlers\u003c/code\u003e keys (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93453\"\u003e#93453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix double-encoding of URL pathname parts in client param parsing (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93491\"\u003e#93491\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev16.2.5\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ee6e79b1792a4d401ddf2480f40a83549fe8e722\"\u003e\u003ccode\u003eee6e79b\u003c/code\u003e\u003c/a\u003e v16.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/afa053d9eb9c2a68c7eba43e84fe6bed8babcd45\"\u003e\u003ccode\u003eafa053d\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/97a154e5bbee0cb1ac3fb8aa4db66ac36e796e3d\"\u003e\u003ccode\u003e97a154e\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/83899bc89103d4df1479e065c7c1e09d4698a7b6\"\u003e\u003ccode\u003e83899bc\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7b222b90954d607fc28a34e9b360a9b1636bc206\"\u003e\u003ccode\u003e7b222b9\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93595\"\u003e#93595\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/a8dc24f1fe23d4a22d24fac734837f7c824138f7\"\u003e\u003ccode\u003ea8dc24f\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93587\"\u003e#93587\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/766148f9cd48c0e218acafcd0f15defc14871bf4\"\u003e\u003ccode\u003e766148f\u003c/code\u003e\u003c/a\u003e v16.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/0dd94836a8b43209fcfefa448c141683c22c1a27\"\u003e\u003ccode\u003e0dd9483\u003c/code\u003e\u003c/a\u003e fix: add explicit checks for RSC header (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/83\"\u003e#83\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d166096c399c4fc4e09cd2d1bf26dca6579a855d\"\u003e\u003ccode\u003ed166096\u003c/code\u003e\u003c/a\u003e fix proxy matching for segment prefetch URLs (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/89\"\u003e#89\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9d50c0b7190f59c470308578e12882788819f14c\"\u003e\u003ccode\u003e9d50c0b\u003c/code\u003e\u003c/a\u003e Strip next-resume header from incoming requests (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92\"\u003e#92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v9.3.3...v16.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/lukasz-karolewski/wireguard-manager/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/lukasz-karolewski/wireguard-manager/pull/21","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/lukasz-karolewski%2Fwireguard-manager/issues/21","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/21/packages"}},{"old_version":"1.0.2","new_version":"1.1.1","update_type":"minor","path":null,"pr_created_at":"2026-05-20T00:18:47.000Z","version_change":"1.0.2 → 1.1.1","issue":{"uuid":"4482068411","node_id":"PR_kwDOSVDIUM7dTh0j","number":4,"state":"open","title":"build(deps): bump the production-dependencies group across 1 directory with 58 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-20T00:18:47.000Z","updated_at":"2026-05-20T00:21:20.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"production-dependencies","update_count":58,"packages":[{"name":"@anthropic-ai/sdk","old_version":"0.71.0","new_version":"0.97.1","repository_url":"https://github.com/anthropics/anthropic-sdk-typescript"},{"name":"@supabase/supabase-js","old_version":"2.86.0","new_version":"2.106.0","repository_url":"https://github.com/supabase/supabase-js"},{"name":"next","old_version":"16.1.1","new_version":"16.2.6","repository_url":"https://github.com/vercel/next.js"},{"name":"openai","old_version":"6.9.0","new_version":"6.38.0","repository_url":"https://github.com/openai/openai-node"},{"name":"tailwind-merge","old_version":"3.4.0","new_version":"3.6.0","repository_url":"https://github.com/dcastil/tailwind-merge"},{"name":"@ai-sdk/react","old_version":"2.0.93","new_version":"3.0.187","repository_url":"https://github.com/vercel/ai"},{"name":"@aws-sdk/client-s3","old_version":"3.437.0","new_version":"3.1050.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"},{"name":"@fumadocs/content-collections","old_version":"1.2.4","new_version":"1.2.9","repository_url":"https://github.com/fuma-nama/fumadocs"},{"name":"@next/third-parties","old_version":"16.0.3","new_version":"16.2.6","repository_url":"https://github.com/vercel/next.js"},{"name":"@orpc/client","old_version":"1.11.2","new_version":"1.14.3","repository_url":"https://github.com/middleapi/orpc"},{"name":"@orpc/tanstack-query","old_version":"1.11.2","new_version":"1.14.3","repository_url":"https://github.com/middleapi/orpc"},{"name":"@prisma/nextjs-monorepo-workaround-plugin","old_version":"6.19.0","new_version":"7.8.0","repository_url":"https://github.com/prisma/prisma"},{"name":"@tanstack/react-query","old_version":"5.90.9","new_version":"5.100.11","repository_url":"https://github.com/TanStack/query"},{"name":"ai","old_version":"5.0.93","new_version":"6.0.185","repository_url":"https://github.com/vercel/ai"},{"name":"better-auth","old_version":"1.3.34","new_version":"1.6.11","repository_url":"https://github.com/better-auth/better-auth"},{"name":"date-fns","old_version":"4.1.0","new_version":"4.2.1","repository_url":"https://github.com/date-fns/date-fns"},{"name":"es-toolkit","old_version":"1.41.0","new_version":"1.46.1","repository_url":"https://github.com/toss/es-toolkit"},{"name":"fumadocs-core","old_version":"16.0.11","new_version":"16.8.12","repository_url":"https://github.com/fuma-nama/fumadocs"},{"name":"fumadocs-ui","old_version":"16.0.11","new_version":"16.8.12","repository_url":"https://github.com/fuma-nama/fumadocs"},{"name":"hono","old_version":"4.10.5","new_version":"4.12.21","repository_url":"https://github.com/honojs/hono"},{"name":"js-cookie","old_version":"3.0.5","new_version":"3.0.7","repository_url":"https://github.com/js-cookie/js-cookie"},{"name":"lucide-react","old_version":"0.553.0","new_version":"1.16.0","repository_url":"https://github.com/lucide-icons/lucide"},{"name":"next-intl","old_version":"4.5.3","new_version":"4.12.0","repository_url":"https://github.com/amannn/next-intl"},{"name":"nuqs","old_version":"2.7.3","new_version":"2.8.9","repository_url":"https://github.com/47ng/nuqs"},{"name":"pg","old_version":"8.16.3","new_version":"8.21.0","repository_url":"https://github.com/brianc/node-postgres"},{"name":"prettier","old_version":"3.6.2","new_version":"3.8.3","repository_url":"https://github.com/prettier/prettier"},{"name":"react","old_version":"19.2.0","new_version":"19.2.6","repository_url":"https://github.com/facebook/react"},{"name":"react-dom","old_version":"19.2.0","new_version":"19.2.6","repository_url":"https://github.com/facebook/react"},{"name":"react-dropzone","old_version":"14.3.8","new_version":"15.0.0","repository_url":"https://github.com/react-dropzone/react-dropzone"},{"name":"react-hook-form","old_version":"7.66.0","new_version":"7.76.0","repository_url":"https://github.com/react-hook-form/react-hook-form"},{"name":"react-qr-code","old_version":"2.0.18","new_version":"2.0.21","repository_url":"https://github.com/rosskhanas/react-qr-code"},{"name":"resend","old_version":"6.4.2","new_version":"6.12.3","repository_url":"https://github.com/resend/resend-node"},{"name":"slugify","old_version":"1.6.6","new_version":"1.6.9","repository_url":"https://github.com/simov/slugify"},{"name":"stripe","old_version":"19.3.1","new_version":"22.1.1","repository_url":"https://github.com/stripe/stripe-node"},{"name":"ufo","old_version":"1.6.1","new_version":"1.6.4","repository_url":"https://github.com/unjs/ufo"},{"name":"uuid","old_version":"13.0.0","new_version":"14.0.0","repository_url":"https://github.com/uuidjs/uuid"},{"name":"zod","old_version":"4.1.12","new_version":"4.4.3","repository_url":"https://github.com/colinhacks/zod"},{"name":"@ai-sdk/anthropic","old_version":"2.0.44","new_version":"3.0.78","repository_url":"https://github.com/vercel/ai"},{"name":"@ai-sdk/openai","old_version":"2.0.65","new_version":"3.0.64","repository_url":"https://github.com/vercel/ai"},{"name":"@orpc/json-schema","old_version":"1.11.2","new_version":"1.14.3","repository_url":"https://github.com/middleapi/orpc"},{"name":"@orpc/openapi","old_version":"1.11.2","new_version":"1.14.3","repository_url":"https://github.com/middleapi/orpc"},{"name":"@orpc/server","old_version":"1.11.2","new_version":"1.14.3","repository_url":"https://github.com/middleapi/orpc"},{"name":"@orpc/zod","old_version":"1.11.2","new_version":"1.14.3","repository_url":"https://github.com/middleapi/orpc"},{"name":"@scalar/hono-api-reference","old_version":"0.9.24","new_version":"0.10.16","repository_url":"https://github.com/scalar/scalar"},{"name":"cookie","old_version":"1.0.2","new_version":"1.1.1","repository_url":"https://github.com/jshttp/cookie"},{"name":"nanoid","old_version":"5.1.6","new_version":"5.1.11","repository_url":"https://github.com/ai/nanoid"},{"name":"use-intl","old_version":"4.5.3","new_version":"4.12.0","repository_url":"https://github.com/amannn/next-intl"},{"name":"@paralleldrive/cuid2","old_version":"3.1.0","new_version":"3.3.0","repository_url":"https://github.com/ericelliott/cuid2"},{"name":"@prisma/adapter-pg","old_version":"6.19.0","new_version":"7.8.0","repository_url":"https://github.com/prisma/prisma"},{"name":"@prisma/client","old_version":"6.19.0","new_version":"7.8.0","repository_url":"https://github.com/prisma/prisma"},{"name":"drizzle-orm","old_version":"0.44.7","new_version":"0.45.2","repository_url":"https://github.com/drizzle-team/drizzle-orm"},{"name":"@react-email/components","old_version":"1.0.1","new_version":"1.0.12","repository_url":"https://github.com/resend/react-email"},{"name":"@react-email/render","old_version":"2.0.0","new_version":"2.0.8","repository_url":"https://github.com/resend/react-email"},{"name":"nodemailer","old_version":"7.0.10","new_version":"8.0.7","repository_url":"https://github.com/nodemailer/nodemailer"},{"name":"react-email","old_version":"5.0.4","new_version":"6.1.5","repository_url":"https://github.com/resend/react-email"},{"name":"@polar-sh/sdk","old_version":"0.41.4","new_version":"0.47.1","repository_url":"https://github.com/polarsource/polar-js"},{"name":"dodopayments","old_version":"2.5.0","new_version":"2.31.2","repository_url":"https://github.com/dodopayments/dodopayments-typescript"},{"name":"@aws-sdk/s3-request-presigner","old_version":"3.437.0","new_version":"3.1050.0","repository_url":"https://github.com/aws/aws-sdk-js-v3"}],"path":null,"ecosystem":"npm"},"body":"Bumps the production-dependencies group with 58 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@anthropic-ai/sdk](https://github.com/anthropics/anthropic-sdk-typescript) | `0.71.0` | `0.97.1` |\n| [@supabase/supabase-js](https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js) | `2.86.0` | `2.106.0` |\n| [next](https://github.com/vercel/next.js) | `16.1.1` | `16.2.6` |\n| [openai](https://github.com/openai/openai-node) | `6.9.0` | `6.38.0` |\n| [tailwind-merge](https://github.com/dcastil/tailwind-merge) | `3.4.0` | `3.6.0` |\n| [@ai-sdk/react](https://github.com/vercel/ai/tree/HEAD/packages/react) | `2.0.93` | `3.0.187` |\n| [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.437.0` | `3.1050.0` |\n| [@fumadocs/content-collections](https://github.com/fuma-nama/fumadocs) | `1.2.4` | `1.2.9` |\n| [@next/third-parties](https://github.com/vercel/next.js/tree/HEAD/packages/third-parties) | `16.0.3` | `16.2.6` |\n| [@orpc/client](https://github.com/middleapi/orpc/tree/HEAD/packages/client) | `1.11.2` | `1.14.3` |\n| [@orpc/tanstack-query](https://github.com/middleapi/orpc/tree/HEAD/packages/tanstack-query) | `1.11.2` | `1.14.3` |\n| [@prisma/nextjs-monorepo-workaround-plugin](https://github.com/prisma/prisma/tree/HEAD/packages/nextjs-monorepo-workaround-plugin) | `6.19.0` | `7.8.0` |\n| [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) | `5.90.9` | `5.100.11` |\n| [ai](https://github.com/vercel/ai/tree/HEAD/packages/ai) | `5.0.93` | `6.0.185` |\n| [better-auth](https://github.com/better-auth/better-auth/tree/HEAD/packages/better-auth) | `1.3.34` | `1.6.11` |\n| [date-fns](https://github.com/date-fns/date-fns) | `4.1.0` | `4.2.1` |\n| [es-toolkit](https://github.com/toss/es-toolkit) | `1.41.0` | `1.46.1` |\n| [fumadocs-core](https://github.com/fuma-nama/fumadocs) | `16.0.11` | `16.8.12` |\n| [fumadocs-ui](https://github.com/fuma-nama/fumadocs) | `16.0.11` | `16.8.12` |\n| [hono](https://github.com/honojs/hono) | `4.10.5` | `4.12.21` |\n| [js-cookie](https://github.com/js-cookie/js-cookie) | `3.0.5` | `3.0.7` |\n| [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `0.553.0` | `1.16.0` |\n| [next-intl](https://github.com/amannn/next-intl) | `4.5.3` | `4.12.0` |\n| [nuqs](https://github.com/47ng/nuqs/tree/HEAD/packages/nuqs) | `2.7.3` | `2.8.9` |\n| [pg](https://github.com/brianc/node-postgres/tree/HEAD/packages/pg) | `8.16.3` | `8.21.0` |\n| [prettier](https://github.com/prettier/prettier) | `3.6.2` | `3.8.3` |\n| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.0` | `19.2.6` |\n| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.0` | `19.2.6` |\n| [react-dropzone](https://github.com/react-dropzone/react-dropzone) | `14.3.8` | `15.0.0` |\n| [react-hook-form](https://github.com/react-hook-form/react-hook-form) | `7.66.0` | `7.76.0` |\n| [react-qr-code](https://github.com/rosskhanas/react-qr-code) | `2.0.18` | `2.0.21` |\n| [resend](https://github.com/resend/resend-node) | `6.4.2` | `6.12.3` |\n| [slugify](https://github.com/simov/slugify) | `1.6.6` | `1.6.9` |\n| [stripe](https://github.com/stripe/stripe-node) | `19.3.1` | `22.1.1` |\n| [ufo](https://github.com/unjs/ufo) | `1.6.1` | `1.6.4` |\n| [uuid](https://github.com/uuidjs/uuid) | `13.0.0` | `14.0.0` |\n| [zod](https://github.com/colinhacks/zod) | `4.1.12` | `4.4.3` |\n| [@ai-sdk/anthropic](https://github.com/vercel/ai/tree/HEAD/packages/anthropic) | `2.0.44` | `3.0.78` |\n| [@ai-sdk/openai](https://github.com/vercel/ai/tree/HEAD/packages/openai) | `2.0.65` | `3.0.64` |\n| [@orpc/json-schema](https://github.com/middleapi/orpc/tree/HEAD/packages/json-schema) | `1.11.2` | `1.14.3` |\n| [@orpc/openapi](https://github.com/middleapi/orpc/tree/HEAD/packages/openapi) | `1.11.2` | `1.14.3` |\n| [@orpc/server](https://github.com/middleapi/orpc/tree/HEAD/packages/server) | `1.11.2` | `1.14.3` |\n| [@orpc/zod](https://github.com/middleapi/orpc/tree/HEAD/packages/zod) | `1.11.2` | `1.14.3` |\n| [@scalar/hono-api-reference](https://github.com/scalar/scalar/tree/HEAD/integrations/hono) | `0.9.24` | `0.10.16` |\n| [cookie](https://github.com/jshttp/cookie) | `1.0.2` | `1.1.1` |\n| [nanoid](https://github.com/ai/nanoid) | `5.1.6` | `5.1.11` |\n| [use-intl](https://github.com/amannn/next-intl) | `4.5.3` | `4.12.0` |\n| [@paralleldrive/cuid2](https://github.com/ericelliott/cuid2) | `3.1.0` | `3.3.0` |\n| [@prisma/adapter-pg](https://github.com/prisma/prisma/tree/HEAD/packages/adapter-pg) | `6.19.0` | `7.8.0` |\n| [@prisma/client](https://github.com/prisma/prisma/tree/HEAD/packages/client) | `6.19.0` | `7.8.0` |\n| [drizzle-orm](https://github.com/drizzle-team/drizzle-orm) | `0.44.7` | `0.45.2` |\n| [@react-email/components](https://github.com/resend/react-email/tree/HEAD/packages/components) | `1.0.1` | `1.0.12` |\n| [@react-email/render](https://github.com/resend/react-email/tree/HEAD/packages/render) | `2.0.0` | `2.0.8` |\n| [nodemailer](https://github.com/nodemailer/nodemailer) | `7.0.10` | `8.0.7` |\n| [react-email](https://github.com/resend/react-email/tree/HEAD/packages/react-email) | `5.0.4` | `6.1.5` |\n| [@polar-sh/sdk](https://github.com/polarsource/polar-js) | `0.41.4` | `0.47.1` |\n| [dodopayments](https://github.com/dodopayments/dodopayments-typescript) | `2.5.0` | `2.31.2` |\n| [@aws-sdk/s3-request-presigner](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/s3-request-presigner) | `3.437.0` | `3.1050.0` |\n\n\nUpdates `@anthropic-ai/sdk` from 0.71.0 to 0.97.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/releases\"\u003e@​anthropic-ai/sdk's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esdk: v0.97.1\u003c/h2\u003e\n\u003ch2\u003e0.97.1 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.97.0...sdk-v0.97.1\"\u003esdk-v0.97.0...sdk-v0.97.1\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner:\u003c/strong\u003e skip tool calls SessionToolRunner does not own (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/9987379abeaf28b17edb5518ac229d2a6caa4bf6\"\u003e9987379\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esdk: v0.97.0\u003c/h2\u003e\n\u003ch2\u003e0.97.0 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.96.0...sdk-v0.97.0\"\u003esdk-v0.96.0...sdk-v0.97.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e Add support for self-hosted sandboxes in CMA with sandbox helpers (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/659a343c820e316229715466b64e420428ee762b\"\u003e659a343\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypescript:\u003c/strong\u003e upgrade tsc-multi so that it works with Node 26 (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/623f71c848ce9b3b88eb08e009b6b3d08a6e5c1c\"\u003e623f71c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etests:\u003c/strong\u003e remove redundant File import (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/cf821fcc06f84cb2150cc0ed4ddb862b5d67f633\"\u003ecf821fc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esdk: v0.96.0\u003c/h2\u003e\n\u003ch2\u003e0.96.0 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.95.2...sdk-v0.96.0\"\u003esdk-v0.95.2...sdk-v0.96.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add BetaManagedAgentsSearchResultBlock types (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/08f02f3d0c34a9563b17af40b227acf3b105f8a3\"\u003e08f02f3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add support for cache diagnostics beta (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/eafbd6d78b81253c79cb861de6a9232b18eb60de\"\u003eeafbd6d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ezod:\u003c/strong\u003e ensure only zod/v4 types are used (\u003ca href=\"https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/992\"\u003e#992\u003c/a\u003e) (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/9e08bcc988697c195b31569b7519b7954aea6372\"\u003e9e08bcc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e spec updates (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/27d64ef828dc4ec11d44118a7ed1fcf83d67da0d\"\u003e27d64ef\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esdk: v0.95.2\u003c/h2\u003e\n\u003ch2\u003e0.95.2 (2026-05-11)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/blob/main/CHANGELOG.md\"\u003e@​anthropic-ai/sdk's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.97.1 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.97.0...sdk-v0.97.1\"\u003esdk-v0.97.0...sdk-v0.97.1\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erunner:\u003c/strong\u003e skip tool calls SessionToolRunner does not own (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/9987379abeaf28b17edb5518ac229d2a6caa4bf6\"\u003e9987379\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.97.0 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.96.0...sdk-v0.97.0\"\u003esdk-v0.96.0...sdk-v0.97.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e Add support for self-hosted sandboxes in CMA with sandbox helpers (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/659a343c820e316229715466b64e420428ee762b\"\u003e659a343\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etypescript:\u003c/strong\u003e upgrade tsc-multi so that it works with Node 26 (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/623f71c848ce9b3b88eb08e009b6b3d08a6e5c1c\"\u003e623f71c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003etests:\u003c/strong\u003e remove redundant File import (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/cf821fcc06f84cb2150cc0ed4ddb862b5d67f633\"\u003ecf821fc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.96.0 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.95.2...sdk-v0.96.0\"\u003esdk-v0.95.2...sdk-v0.96.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add BetaManagedAgentsSearchResultBlock types (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/08f02f3d0c34a9563b17af40b227acf3b105f8a3\"\u003e08f02f3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e Add support for cache diagnostics beta (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/eafbd6d78b81253c79cb861de6a9232b18eb60de\"\u003eeafbd6d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ezod:\u003c/strong\u003e ensure only zod/v4 types are used (\u003ca href=\"https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/992\"\u003e#992\u003c/a\u003e) (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/9e08bcc988697c195b31569b7519b7954aea6372\"\u003e9e08bcc\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e spec updates (\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/27d64ef828dc4ec11d44118a7ed1fcf83d67da0d\"\u003e27d64ef\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.95.2 (2026-05-11)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.95.1...sdk-v0.95.2\"\u003esdk-v0.95.1...sdk-v0.95.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.95.1 (2026-05-07)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/ac9ece3c566b4488dcf73849c17b656ec2d7d17d\"\u003e\u003ccode\u003eac9ece3\u003c/code\u003e\u003c/a\u003e chore: release main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/1987147935325ea6b1e0f96cea6851c9d407e6c2\"\u003e\u003ccode\u003e1987147\u003c/code\u003e\u003c/a\u003e fix(runner): skip tool calls SessionToolRunner does not own\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/409ff0e5027422a5ede84280cb851c1de108c246\"\u003e\u003ccode\u003e409ff0e\u003c/code\u003e\u003c/a\u003e chore: release main (\u003ca href=\"https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/1052\"\u003e#1052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/a53f60d59ca904f3e79296586642aac3ce68ae02\"\u003e\u003ccode\u003ea53f60d\u003c/code\u003e\u003c/a\u003e chore: release main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/d1b8d04617c5167f1296520b4c9b1156d0482159\"\u003e\u003ccode\u003ed1b8d04\u003c/code\u003e\u003c/a\u003e feat(api): Add support for cache diagnostics beta\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/8e43bf81bc7029411e5a3b81b485d8dda364b376\"\u003e\u003ccode\u003e8e43bf8\u003c/code\u003e\u003c/a\u003e chore(api): spec updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/697e4d592bb3a1258788bd3064ac4dc35671e896\"\u003e\u003ccode\u003e697e4d5\u003c/code\u003e\u003c/a\u003e codegen metadata\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/cd5801cbf6cc4db5f6eee155643294feda0ba588\"\u003e\u003ccode\u003ecd5801c\u003c/code\u003e\u003c/a\u003e feat(api): Add BetaManagedAgentsSearchResultBlock types\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/dce6bc7d0d8c38cbdfe6414587eb0e2e82dfd6f0\"\u003e\u003ccode\u003edce6bc7\u003c/code\u003e\u003c/a\u003e ci: pin GitHub Actions to commit SHAs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/commit/4eee5232602bc3f1f91d8676267b1bd821e16e7f\"\u003e\u003ccode\u003e4eee523\u003c/code\u003e\u003c/a\u003e fix(zod): ensure only zod/v4 types are used (\u003ca href=\"https://redirect.github.com/anthropics/anthropic-sdk-typescript/issues/992\"\u003e#992\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/anthropics/anthropic-sdk-typescript/compare/sdk-v0.71.0...sdk-v0.97.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@supabase/supabase-js` from 2.86.0 to 2.106.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/supabase/supabase-js/releases\"\u003e@​supabase/supabase-js's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.106.0\u003c/h2\u003e\n\u003ch2\u003e2.106.0 (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esupabase:\u003c/strong\u003e W3C/OpenTelemetry trace context propagation (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2163\"\u003e#2163\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eauth:\u003c/strong\u003e return null user and session for email_change single-confirmation verifyOtp (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2378\"\u003e#2378\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003erelease:\u003c/strong\u003e mark \u003ccode\u003e@​supabase/tracing\u003c/code\u003e private and snapshot it for JSR (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2370\"\u003e#2370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003estorage:\u003c/strong\u003e make StreamDownloadBuilder implement Promise and memoize executor (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2367\"\u003e#2367\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eClaude Sonnet 4.5\u003c/li\u003e\n\u003cli\u003eGuilherme Souza\u003c/li\u003e\n\u003cli\u003eKaterina Skroumpelou \u003ca href=\"https://github.com/mandarini\"\u003e\u003ccode\u003e@​mandarini\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eoniani1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.106.0-canary.4\u003c/h2\u003e\n\u003ch2\u003e2.106.0-canary.4 (2026-05-15)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only, there were no code changes.\u003c/p\u003e\n\u003ch2\u003ev2.106.0-canary.3\u003c/h2\u003e\n\u003ch2\u003e2.106.0-canary.3 (2026-05-15)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only, there were no code changes.\u003c/p\u003e\n\u003ch2\u003ev2.106.0-canary.2\u003c/h2\u003e\n\u003ch2\u003e2.106.0-canary.2 (2026-05-14)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only, there were no code changes.\u003c/p\u003e\n\u003ch2\u003ev2.106.0-canary.1\u003c/h2\u003e\n\u003ch2\u003e2.106.0-canary.1 (2026-05-13)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erelease:\u003c/strong\u003e mark \u003ccode\u003e@​supabase/tracing\u003c/code\u003e private and snapshot it for JSR (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2370\"\u003e#2370\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eKaterina Skroumpelou \u003ca href=\"https://github.com/mandarini\"\u003e\u003ccode\u003e@​mandarini\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.106.0-canary.0\u003c/h2\u003e\n\u003ch2\u003e2.106.0-canary.0 (2026-05-13)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/supabase/supabase-js/blob/master/packages/core/supabase-js/CHANGELOG.md\"\u003e@​supabase/supabase-js's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.106.0 (2026-05-18)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esupabase:\u003c/strong\u003e W3C/OpenTelemetry trace context propagation (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2163\"\u003e#2163\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003erelease:\u003c/strong\u003e mark \u003ccode\u003e@​supabase/tracing\u003c/code\u003e private and snapshot it for JSR (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2370\"\u003e#2370\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eClaude Sonnet 4.5\u003c/li\u003e\n\u003cli\u003eGuilherme Souza\u003c/li\u003e\n\u003cli\u003eKaterina Skroumpelou \u003ca href=\"https://github.com/mandarini\"\u003e\u003ccode\u003e@​mandarini\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.105.4 (2026-05-08)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for \u003ccode\u003e@​supabase/supabase-js\u003c/code\u003e to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003ch2\u003e2.105.2 (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eauth:\u003c/strong\u003e forward lockAcquireTimeout to SupabaseAuthClient (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2309\"\u003e#2309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisc:\u003c/strong\u003e widen enum-like unions with (string \u0026amp; {}) for forward compat (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2303\"\u003e#2303\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMuzzaiyyan Hussain \u003ca href=\"https://github.com/MuzzaiyyanHussain\"\u003e\u003ccode\u003e@​MuzzaiyyanHussain\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.105.1 (2026-04-28)\u003c/h2\u003e\n\u003cp\u003eThis was a version bump only for \u003ccode\u003e@​supabase/supabase-js\u003c/code\u003e to align it with other projects, there were no code changes.\u003c/p\u003e\n\u003ch2\u003e2.105.0 (2026-04-27)\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eauth:\u003c/strong\u003e add passkey support with WebAuthn registration, authentication, and management (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2283\"\u003e#2283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003erealtime:\u003c/strong\u003e Realtime deferred disconnect (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2282\"\u003e#2282\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.104.1 (2026-04-23)\u003c/h2\u003e\n\u003ch3\u003e🩹 Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esupabase:\u003c/strong\u003e propagate custom fetch to realtime client (\u003ca href=\"https://redirect.github.com/supabase/supabase-js/pull/2267\"\u003e#2267\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e❤️ Thank You\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/1c48755657c5f7aac5e4a7abf3f68f27efc0c746\"\u003e\u003ccode\u003e1c48755\u003c/code\u003e\u003c/a\u003e chore(deps): cleanups and updates (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2371\"\u003e#2371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/9dfba1c3d98c2c41c60f940a211950dfd3924e01\"\u003e\u003ccode\u003e9dfba1c\u003c/code\u003e\u003c/a\u003e chore(repo): migrate to pnpm (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2368\"\u003e#2368\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/6731c4a900135ecbb14420bb3f3fe39196a0a9db\"\u003e\u003ccode\u003e6731c4a\u003c/code\u003e\u003c/a\u003e fix(release): mark \u003ccode\u003e@​supabase/tracing\u003c/code\u003e private and snapshot it for JSR (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2370\"\u003e#2370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/2fe1801fd5e9e03dd22308bcb98854429f634dd4\"\u003e\u003ccode\u003e2fe1801\u003c/code\u003e\u003c/a\u003e feat(supabase): W3C/OpenTelemetry trace context propagation (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2163\"\u003e#2163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/fae67728092fad24bd2b926f0fe57ef3e3554fc1\"\u003e\u003ccode\u003efae6772\u003c/code\u003e\u003c/a\u003e chore(repo): update to nx 22 (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2353\"\u003e#2353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/c6f7a386867d07ae45e5846543ded70e485c6ea1\"\u003e\u003ccode\u003ec6f7a38\u003c/code\u003e\u003c/a\u003e chore(release): version 2.105.4 changelogs (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2342\"\u003e#2342\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/db53b0fd15f413e75220104c180ae0539b2aa556\"\u003e\u003ccode\u003edb53b0f\u003c/code\u003e\u003c/a\u003e chore(release): version 2.105.2 changelogs (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2323\"\u003e#2323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/5223888e85bf3f8f176bd2321e735aac1f31f44a\"\u003e\u003ccode\u003e5223888\u003c/code\u003e\u003c/a\u003e [patchback] docs(repo): \u003ca href=\"https://github.com/category\"\u003e\u003ccode\u003e@​category\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/subcategory\"\u003e\u003ccode\u003e@​subcategory\u003c/code\u003e\u003c/a\u003e tags across all packages (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/0412d0db46ac482a39694cfd932a68d0d95064a3\"\u003e\u003ccode\u003e0412d0d\u003c/code\u003e\u003c/a\u003e fix(auth): forward lockAcquireTimeout to SupabaseAuthClient (\u003ca href=\"https://github.com/supabase/supabase-js/tree/HEAD/packages/core/supabase-js/issues/2309\"\u003e#2309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/supabase/supabase-js/commit/42c9cbbcba16b4b4b916c870e9bcd8a64ad71141\"\u003e\u003ccode\u003e42c9cbb\u003c/code\u003e\u003c/a\u003e [patchback] fix(misc): widen enum-like unions with (string \u0026amp; {}) for forward ...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/supabase/supabase-js/commits/v2.106.0/packages/core/supabase-js\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 16.1.1 to 16.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev16.2.6\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - \u003cstrong\u003eIncomplete Fix Follow-Up\u003c/strong\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModerate:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eLow:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCore Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: preserve HTTP access fallbacks during prerender recovery (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92231\"\u003e#92231\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix fallback route params case in app-page handler (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91737\"\u003e#91737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix invalid HTML response for route-level RSC requests in deployment adapter (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/91541\"\u003e#91541\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePatch setHeader for direct route handlers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93101\"\u003e#93101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInclude deployment id in \u003ccode\u003ecacheHandlers\u003c/code\u003e keys (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93453\"\u003e#93453\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix double-encoding of URL pathname parts in client param parsing (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93491\"\u003e#93491\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev16.2.5\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ee6e79b1792a4d401ddf2480f40a83549fe8e722\"\u003e\u003ccode\u003eee6e79b\u003c/code\u003e\u003c/a\u003e v16.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/afa053d9eb9c2a68c7eba43e84fe6bed8babcd45\"\u003e\u003ccode\u003eafa053d\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/97a154e5bbee0cb1ac3fb8aa4db66ac36e796e3d\"\u003e\u003ccode\u003e97a154e\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/83899bc89103d4df1479e065c7c1e09d4698a7b6\"\u003e\u003ccode\u003e83899bc\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/7b222b90954d607fc28a34e9b360a9b1636bc206\"\u003e\u003ccode\u003e7b222b9\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93595\"\u003e#93595\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/a8dc24f1fe23d4a22d24fac734837f7c824138f7\"\u003e\u003ccode\u003ea8dc24f\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93587\"\u003e#93587\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/766148f9cd48c0e218acafcd0f15defc14871bf4\"\u003e\u003ccode\u003e766148f\u003c/code\u003e\u003c/a\u003e v16.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/0dd94836a8b43209fcfefa448c141683c22c1a27\"\u003e\u003ccode\u003e0dd9483\u003c/code\u003e\u003c/a\u003e fix: add explicit checks for RSC header (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/83\"\u003e#83\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/d166096c399c4fc4e09cd2d1bf26dca6579a855d\"\u003e\u003ccode\u003ed166096\u003c/code\u003e\u003c/a\u003e fix proxy matching for segment prefetch URLs (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/89\"\u003e#89\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9d50c0b7190f59c470308578e12882788819f14c\"\u003e\u003ccode\u003e9d50c0b\u003c/code\u003e\u003c/a\u003e Strip next-resume header from incoming requests (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/92\"\u003e#92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v16.1.1...v16.2.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `openai` from 6.9.0 to 6.38.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/openai/openai-node/releases\"\u003eopenai's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.38.0\u003c/h2\u003e\n\u003ch2\u003e6.38.0 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/openai/openai-node/compare/v6.37.0...v6.38.0\"\u003ev6.37.0...v6.38.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e add service_tier parameter to responses compact method (\u003ca href=\"https://github.com/openai/openai-node/commit/423e838c498bd1b77f3b732cfc43c54fc5d261df\"\u003e423e838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.37.0\u003c/h2\u003e\n\u003ch2\u003e6.37.0 (2026-05-07)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/openai/openai-node/compare/v6.36.0...v6.37.0\"\u003ev6.36.0...v6.37.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e add quantity field to admin organization usage responses (\u003ca href=\"https://github.com/openai/openai-node/commit/273a8f73e65839fb4d2ebc2a54ccc38383bd7517\"\u003e273a8f7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e add web_search_call.results output option to responses (\u003ca href=\"https://github.com/openai/openai-node/commit/91c75e064f12946d3774cb182e5cd795000019ce\"\u003e91c75e0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e launch realtime translate + update image 2 (\u003ca href=\"https://github.com/openai/openai-node/commit/a296b661f0598ed001309d7deb693caa1596875c\"\u003ea296b66\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e manual updates (\u003ca href=\"https://github.com/openai/openai-node/commit/794b90513f5ca63bd95c6cf774722fa6aeae293d\"\u003e794b905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e manual updates (\u003ca href=\"https://github.com/openai/openai-node/commit/69637293939580a9d20bd9274d86f23a012ffd87\"\u003e6963729\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e realtime 2 (\u003ca href=\"https://github.com/openai/openai-node/commit/f4b717702182adfc684270c0e7d5ff11d6c7a408\"\u003ef4b7177\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e fix imagegen \u003ccode\u003esize\u003c/code\u003e enum regression (\u003ca href=\"https://github.com/openai/openai-node/commit/4fe8469a7c1f892d586df375a449f6bd0e318b15\"\u003e4fe8469\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eredact api-key headers in debug logs (\u003ca href=\"https://github.com/openai/openai-node/commit/99c9c800e179c13659b96386dedd6c17dd6ffb8d\"\u003e99c9c80\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.36.0\u003c/h2\u003e\n\u003ch2\u003e6.36.0 (2026-05-01)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/openai/openai-node/compare/v6.35.0...v6.36.0\"\u003ev6.35.0...v6.36.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e add group_type/user metadata fields, update types across admin resources (\u003ca href=\"https://github.com/openai/openai-node/commit/cc52f9755e3ce3b29ea2266482521c8d83ab88ad\"\u003ecc52f97\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e add support for Admin API Keys per endpoint (\u003ca href=\"https://github.com/openai/openai-node/commit/770d187be1d6c0419002a9b01e7dec6a99761f94\"\u003e770d187\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e admin API updates (\u003ca href=\"https://github.com/openai/openai-node/commit/ee2bd2d8e66a5b90f80e6ca8ab4544385d9a5de3\"\u003eee2bd2d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e manual updates (\u003ca href=\"https://github.com/openai/openai-node/commit/6af2b6dfd86e4d7e7a2cb5afb1275217fcd5d242\"\u003e6af2b6d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e manual updates (\u003ca href=\"https://github.com/openai/openai-node/commit/f2dceda58fce6e44e740b56b9337597275d25e5b\"\u003ef2dceda\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e support admin api key auth (\u003ca href=\"https://github.com/openai/openai-node/commit/e3862a3d415ba3cedb178718e2c9bc0c2d09e01e\"\u003ee3862a3\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/openai/openai-node/blob/master/CHANGELOG.md\"\u003eopenai's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.38.0 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/openai/openai-node/compare/v6.37.0...v6.38.0\"\u003ev6.37.0...v6.38.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e add service_tier parameter to responses compact method (\u003ca href=\"https://github.com/openai/openai-node/commit/423e838c498bd1b77f3b732cfc43c54fc5d261df\"\u003e423e838\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.37.0 (2026-05-07)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/openai/openai-node/compare/v6.36.0...v6.37.0\"\u003ev6.36.0...v6.37.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e add quantity field to admin organization usage responses (\u003ca href=\"https://github.com/openai/openai-node/commit/273a8f73e65839fb4d2ebc2a54ccc38383bd7517\"\u003e273a8f7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e add web_search_call.results output option to responses (\u003ca href=\"https://github.com/openai/openai-node/commit/91c75e064f12946d3774cb182e5cd795000019ce\"\u003e91c75e0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e launch realtime translate + update image 2 (\u003ca href=\"https://github.com/openai/openai-node/commit/a296b661f0598ed001309d7deb693caa1596875c\"\u003ea296b66\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e manual updates (\u003ca href=\"https://github.com/openai/openai-node/commit/794b90513f5ca63bd95c6cf774722fa6aeae293d\"\u003e794b905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e manual updates (\u003ca href=\"https://github.com/openai/openai-node/commit/69637293939580a9d20bd9274d86f23a012ffd87\"\u003e6963729\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e realtime 2 (\u003ca href=\"https://github.com/openai/openai-node/commit/f4b717702182adfc684270c0e7d5ff11d6c7a408\"\u003ef4b7177\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e fix imagegen \u003ccode\u003esize\u003c/code\u003e enum regression (\u003ca href=\"https://github.com/openai/openai-node/commit/4fe8469a7c1f892d586df375a449f6bd0e318b15\"\u003e4fe8469\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eredact api-key headers in debug logs (\u003ca href=\"https://github.com/openai/openai-node/commit/99c9c800e179c13659b96386dedd6c17dd6ffb8d\"\u003e99c9c80\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.36.0 (2026-05-01)\u003c/h2\u003e\n\u003cp\u003eFull Changelog: \u003ca href=\"https://github.com/openai/openai-node/compare/v6.35.0...v6.36.0\"\u003ev6.35.0...v6.36.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e add group_type/user metadata fields, update types across admin resources (\u003ca href=\"https://github.com/openai/openai-node/commit/cc52f9755e3ce3b29ea2266482521c8d83ab88ad\"\u003ecc52f97\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e add support for Admin API Keys per endpoint (\u003ca href=\"https://github.com/openai/openai-node/commit/770d187be1d6c0419002a9b01e7dec6a99761f94\"\u003e770d187\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e admin API updates (\u003ca href=\"https://github.com/openai/openai-node/commit/ee2bd2d8e66a5b90f80e6ca8ab4544385d9a5de3\"\u003eee2bd2d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e manual updates (\u003ca href=\"https://github.com/openai/openai-node/commit/6af2b6dfd86e4d7e7a2cb5afb1275217fcd5d242\"\u003e6af2b6d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e manual updates (\u003ca href=\"https://github.com/openai/openai-node/commit/f2dceda58fce6e44e740b56b9337597275d25e5b\"\u003ef2dceda\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e support admin api key auth (\u003ca href=\"https://github.com/openai/openai-node/commit/e3862a3d415ba3cedb178718e2c9bc0c2d09e01e\"\u003ee3862a3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eapi:\u003c/strong\u003e tighten auth header selection (\u003ca href=\"https://github.com/openai/openai-node/commit/f1203bd884fb4131c54d9d7b8f89e9db3f4fc57c\"\u003ef1203bd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openai/openai-node/commit/87f3b041c80917f8d416c69f9237ac07239da577\"\u003e\u003ccode\u003e87f3b04\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/openai/openai-node/issues/1870\"\u003e#1870\u003c/a\u003e from openai/release-please--branches--master--change...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openai/openai-node/commit/9d917763b12451b08702c0fe167e5c3ca297db51\"\u003e\u003ccode\u003e9d91776\u003c/code\u003e\u003c/a\u003e release: 6.38.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openai/openai-node/commit/427ae2bde6dfa798d160c9530a2dea30f06069e6\"\u003e\u003ccode\u003e427ae2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/openai/openai-node/issues/1127\"\u003e#1127\u003c/a\u003e from stainless-sdks/dev/jtian/remove-unnecessary-params\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openai/openai-node/commit/255142ec3b468c99ef0c4f4100f5e40bc21b3779\"\u003e\u003ccode\u003e255142e\u003c/code\u003e\u003c/a\u003e [feat] Remove unnecessary params client id during init\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openai/openai-node/commit/423e838c498bd1b77f3b732cfc43c54fc5d261df\"\u003e\u003ccode\u003e423e838\u003c/code\u003e\u003c/a\u003e feat(api): add service_tier parameter to responses compact method\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openai/openai-node/commit/b0e89cddad2e9ee4f8262c0f1157c7376ecf4156\"\u003e\u003ccode\u003eb0e89cd\u003c/code\u003e\u003c/a\u003e release: 6.37.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openai/openai-node/commit/21510635ece628e0063c324e390868385c9de3dd\"\u003e\u003ccode\u003e2151063\u003c/code\u003e\u003c/a\u003e feat(api): realtime 2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openai/openai-node/commit/a5c41848ba2eb0cfc412b54200b0b7e6acc99dab\"\u003e\u003ccode\u003ea5c4184\u003c/code\u003e\u003c/a\u003e feat(api): manual updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openai/openai-node/commit/17c79fb09ba7b6a36a9ee3d7d6b19c6502b15f2b\"\u003e\u003ccode\u003e17c79fb\u003c/code\u003e\u003c/a\u003e chore: redact api-key headers in debug logs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/openai/openai-node/commit/36f69f6e078d308ed8876625d7d06fa210d649e5\"\u003e\u003ccode\u003e36f69f6\u003c/code\u003e\u003c/a\u003e codegen metadata\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/openai/openai-node/compare/v6.9.0...v6.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for openai since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tailwind-merge` from 3.4.0 to 3.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dcastil/tailwind-merge/releases\"\u003etailwind-merge's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.6.0\u003c/h2\u003e\n\u003ch3\u003eNew Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Tailwind CSS v4.3 by \u003ca href=\"https://github.com/dcastil\"\u003e\u003ccode\u003e@​dcastil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dcastil/tailwind-merge/pull/677\"\u003edcastil/tailwind-merge#677\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003epostfixLookupClassGroups\u003c/code\u003e option to config to support Tailwind utilities where a slash is part of the full class name, like named container queries\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd support for readonly array values by \u003ca href=\"https://github.com/unional\"\u003e\u003ccode\u003e@​unional\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dcastil/tailwind-merge/pull/652\"\u003edcastil/tailwind-merge#652\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix broken links in README by \u003ca href=\"https://github.com/maurer2\"\u003e\u003ccode\u003e@​maurer2\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dcastil/tailwind-merge/pull/662\"\u003edcastil/tailwind-merge#662\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eHarden internal CI pipeline security by omitting git checkout by \u003ca href=\"https://github.com/dcastil\"\u003e\u003ccode\u003e@​dcastil\u003c/code\u003e\u003c/a\u003e, suggested by \u003ca href=\"https://github.com/kyletaylored\"\u003e\u003ccode\u003e@​kyletaylored\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://github.com/dcastil/tailwind-merge/commit/6b2499c10cf52bed42426d30b4219e90374b30d6\"\u003ehttps://github.com/dcastil/tailwind-merge/commit/6b2499c10cf52bed42426d30b4219e90374b30d6\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/dcastil/tailwind-merge/compare/v3.5.0...v3.6.0\"\u003ehttps://github.com/dcastil/tailwind-merge/compare/v3.5.0...v3.6.0\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/brandonmcconnell\"\u003e\u003ccode\u003e@​brandonmcconnell\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/manavm1990\"\u003e\u003ccode\u003e@​manavm1990\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/langy\"\u003e\u003ccode\u003e@​langy\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/roboflow\"\u003e\u003ccode\u003e@​roboflow\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/syntaxfm\"\u003e\u003ccode\u003e@​syntaxfm\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/getsentry\"\u003e\u003ccode\u003e@​getsentry\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/codecov\"\u003e\u003ccode\u003e@​codecov\u003c/code\u003e\u003c/a\u003e, a private sponsor, \u003ca href=\"https://github.com/block\"\u003e\u003ccode\u003e@​block\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/openclaw\"\u003e\u003ccode\u003e@​openclaw\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/sourcegraph\"\u003e\u003ccode\u003e@​sourcegraph\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/mike-healy\"\u003e\u003ccode\u003e@​mike-healy\u003c/code\u003e\u003c/a\u003e and more via \u003ca href=\"https://github.com/thnxdev\"\u003e\u003ccode\u003e@​thnxdev\u003c/code\u003e\u003c/a\u003e for sponsoring tailwind-merge! ❤️\u003c/p\u003e\n\u003ch2\u003ev3.5.0\u003c/h2\u003e\n\u003ch3\u003eNew Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Tailwind CSS v4.2 by \u003ca href=\"https://github.com/dcastil\"\u003e\u003ccode\u003e@​dcastil\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dcastil/tailwind-merge/pull/651\"\u003edcastil/tailwind-merge#651\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/dcastil/tailwind-merge/compare/v3.4.1...v3.5.0\"\u003ehttps://github.com/dcastil/tailwind-merge/compare/v3.4.1...v3.5.0\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/brandonmcconnell\"\u003e\u003ccode\u003e@​brandonmcconnell\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/manavm1990\"\u003e\u003ccode\u003e@​manavm1990\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/langy\"\u003e\u003ccode\u003e@​langy\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/roboflow\"\u003e\u003ccode\u003e@​roboflow\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/syntaxfm\"\u003e\u003ccode\u003e@​syntaxfm\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/getsentry\"\u003e\u003ccode\u003e@​getsentry\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/codecov\"\u003e\u003ccode\u003e@​codecov\u003c/code\u003e\u003c/a\u003e, a private sponsor, \u003ca href=\"https://github.com/block\"\u003e\u003ccode\u003e@​block\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/openclaw\"\u003e\u003ccode\u003e@​openclaw\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/sourcegraph\"\u003e\u003ccode\u003e@​sourcegraph\u003c/code\u003e\u003c/a\u003e and more via \u003ca href=\"https://github.com/thnxdev\"\u003e\u003ccode\u003e@​thnxdev\u003c/code\u003e\u003c/a\u003e for sponsoring tailwind-merge! ❤️\u003c/p\u003e\n\u003ch2\u003ev3.4.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent arbitrary font-family and font-weight from merging by \u003ca href=\"https://github.com/roneymoon\"\u003e\u003ccode\u003e@​roneymoon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dcastil/tailwind-merge/pull/635\"\u003edcastil/tailwind-merge#635\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/dcastil/tailwind-merge/compare/v3.4.0...v3.4.1\"\u003ehttps://github.com/dcastil/tailwind-merge/compare/v3.4.0...v3.4.1\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/brandonmcconnell\"\u003e\u003ccode\u003e@​brandonmcconnell\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/manavm1990\"\u003e\u003ccode\u003e@​manavm1990\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/langy\"\u003e\u003ccode\u003e@​langy\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/roboflow\"\u003e\u003ccode\u003e@​roboflow\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/syntaxfm\"\u003e\u003ccode\u003e@​syntaxfm\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/getsentry\"\u003e\u003ccode\u003e@​getsentry\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/codecov\"\u003e\u003ccode\u003e@​codecov\u003c/code\u003e\u003c/a\u003e, a private sponsor, \u003ca href=\"https://github.com/block\"\u003e\u003ccode\u003e@​block\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/openclaw\"\u003e\u003ccode\u003e@​openclaw\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/sourcegraph\"\u003e\u003ccode\u003e@​sourcegraph\u003c/code\u003e\u003c/a\u003e and more via \u003ca href=\"https://github.com/thnxdev\"\u003e\u003ccode\u003e@​thnxdev\u003c/code\u003e\u003c/a\u003e for sponsoring tailwind-merge! ❤️\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dcastil/tailwind-merge/commit/d54f7e5713c653d0171971405344f7c6e44d418f\"\u003e\u003ccode\u003ed54f7e5\u003c/code\u003e\u003c/a\u003e v3.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dcastil/tailwind-merge/commit/638871a67a0a124ac9275eda77cd08b03f2f045e\"\u003e\u003ccode\u003e638871a\u003c/code\u003e\u003c/a\u003e Update README to add info about Tailwind CSS v4.3 support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dcastil/tailwind-merge/commit/39fc7b5e915493e5eb3ddb1ca615f5b2eeff2540\"\u003e\u003ccode\u003e39fc7b5\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;v3.6.0\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dcastil/tailwind-merge/commit/bd8390f6ca387f93c9e989fb3fb09924fb843445\"\u003e\u003ccode\u003ebd8390f\u003c/code\u003e\u003c/a\u003e v3.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dcastil/tailwind-merge/commit/802877c6e31f9fb64c627e5e760729a16cd0a69b\"\u003e\u003ccode\u003e802877c\u003c/code\u003e\u003c/a\u003e add v3.6.0 changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dcastil/tailwind-merge/commit/a35fedac7d1fc8756223da94290a83a32068d2ae\"\u003e\u003ccode\u003ea35feda\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dcastil/tailwind-merge/issues/665\"\u003e#665\u003c/a\u003e from dcastil/renovate/rollup-plugin-babel-7.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dcastil/tailwind-merge/commit/940389cf89ed0da277ff5c01b98fd619687926e9\"\u003e\u003ccode\u003e940389c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dcastil/tailwind-merge/issues/667\"\u003e#667\u003c/a\u003e from dcastil/renovate/release-drafter-release-drafter...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dcastil/tailwind-merge/commit/005af6df08cfbe2adac7ca6cb5a7be02b9261fbd\"\u003e\u003ccode\u003e005af6d\u003c/code\u003e\u003c/a\u003e pin to specific version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dcastil/tailwind-merge/commit/5816ced627ebcaefd497ad8e4202baf750dd545c\"\u003e\u003ccode\u003e5816ced\u003c/code\u003e\u003c/a\u003e implement breaking changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dcastil/tailwind-merge/commit/17041e17c5b9c96fcb0f4758c718799cb3af14a6\"\u003e\u003ccode\u003e17041e1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dcastil/tailwind-merge/issues/676\"\u003e#676\u003c/a\u003e from dcastil/dependabot/npm_and_yarn/babel/plugin-tra...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dcastil/tailwind-merge/compare/v3.4.0...v3.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@ai-sdk/react` from 2.0.93 to 3.0.187\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/releases\"\u003e@​ai-sdk/react's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/3\"\u003e\u003ccode\u003e@​3\u003c/code\u003e\u003c/a\u003e.0.187\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.185\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ccode\u003e@​ai-sdk/react\u003c/code\u003e\u003ca href=\"https://github.com/2\"\u003e\u003ccode\u003e@​2\u003c/code\u003e\u003c/a\u003e.0.192\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@5.0.190\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/ai/blob/@ai-sdk/react@3.0.187/packages/react/CHANGELOG.md\"\u003e@​ai-sdk/react's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.187\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.185\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.186\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [40fc5e4]\n\u003cul\u003e\n\u003cli\u003eai@6.0.184\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.185\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.183\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.184\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [e76a29a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.182\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.183\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [538974a]\n\u003cul\u003e\n\u003cli\u003eai@6.0.181\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.182\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated dependencies [253bd5a]\u003c/li\u003e\n\u003cli\u003eUpdated dependencies [57ec10f]\n\u003cul\u003e\n\u003cli\u003eai@6.0.180\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.181\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eai@6.0.179\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.180\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/4a989451c5ef8c1b04d8a91e4e9301dc81708cfa\"\u003e\u003ccode\u003e4a98945\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15406\"\u003e#15406\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/f8d30032da41bdfd1d4c560bb6439dec8021603e\"\u003e\u003ccode\u003ef8d3003\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15356\"\u003e#15356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/2e7664bff4294f2f5b21c30136ca24d12c4e9b5c\"\u003e\u003ccode\u003e2e7664b\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15315\"\u003e#15315\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c76ce9cdcd176554e245ede286be1863e17e5fd5\"\u003e\u003ccode\u003ec76ce9c\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15257\"\u003e#15257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/c0e4feffdd69e75d6ba0c1d311f0ec929952731d\"\u003e\u003ccode\u003ec0e4fef\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15251\"\u003e#15251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/43e5359b6cf3c8737544ad17604d7b152d01a73e\"\u003e\u003ccode\u003e43e5359\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15221\"\u003e#15221\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/e2f1bca89259f60318faf7537539b67872630052\"\u003e\u003ccode\u003ee2f1bca\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15216\"\u003e#15216\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/d37fb1f2dad4d96605ffd2ac3d4b55e0bccdc482\"\u003e\u003ccode\u003ed37fb1f\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15202\"\u003e#15202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/e70aab94d6f3dac30d54ac3185259a9562051bd6\"\u003e\u003ccode\u003ee70aab9\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15138\"\u003e#15138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/ai/commit/e3ccdb5987c07459ffd9be56088c5ac9d142fba2\"\u003e\u003ccode\u003ee3ccdb5\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/vercel/ai/tree/HEAD/packages/react/issues/15094\"\u003e#15094\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/ai/commits/@ai-sdk/react@3.0.187/packages/react\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​ai-sdk/react\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@aws-sdk/client-s3` from 3.437.0 to 3.1050.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/releases\"\u003e@​aws-sdk/client-s3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1050.0\u003c/h2\u003e\n\u003ch4\u003e3.1050.0(2026-05-19)\u003c/h4\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  update client endpoints as of 2026-05-19 (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9a5e6f03be25b20c97a2f0826cb6b74061e57b8d\"\u003e9a5e6f03\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sagemaker:\u003c/strong\u003e  Add support for ml.p5.4xlarge and ml.p5en.48xlarge instances on SageMaker Notebook Instances Platform. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/73a3e28f8c4741e657e131dfb0decc37700b828c\"\u003e73a3e28f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-grafana:\u003c/strong\u003e  Introduce degraded workspace status as a possible Amazon Managed Grafana workspace status, and a new field named degraded workspace reason which informs customers why the workspace is degraded in the DescribeWorkspace API response. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/af49cb81d0dd0a7e0e4c448c293808df842ca4b1\"\u003eaf49cb81\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-rtbfabric:\u003c/strong\u003e  This release is to deprecate 'inboundLinksCount' field in GetResponderGateway response and introduce the new field 'linksRequestedCount' to replace it. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/3c9765e351c0a632e3a57890a06633ac47beaea3\"\u003e3c9765e3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-devops-agent:\u003c/strong\u003e  Added a new serviceType mcpserversigv4 service and association. This provides feature to register MCP sigv4 authorization based MCPs (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/84e18e58dcd72556aeabadf32a4b58405e3f6e4a\"\u003e84e18e58\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-guardduty:\u003c/strong\u003e  Adding support for exposure and vulnerability context from AWS Security Hub in GuardDuty Extended Threat Detection attack sequence findings. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/de2356de06977694d70b64340ba802682acd1ea8\"\u003ede2356de\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-bedrock-agentcore:\u003c/strong\u003e  Add RetryableConflictException (HTTP 409) to InvokeAgentRuntime and StopRuntimeSession to prevent orphaned VMs during concurrent session access. The SDK automatically retries this exception with backoff. Enforcement is not yet active and will be enabled in a future service update. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/239af13eb6799a89d6cf3257d664004a7a4fbfa2\"\u003e239af13e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eTests\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003elib-storage:\u003c/strong\u003e  speed up lib-storage e2e tests by reducing permutations (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8028\"\u003e#8028\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/273afd4efb8cb19746bce3b7769e58d0917a3257\"\u003e273afd4e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eFor list of updated packages, view \u003cstrong\u003eupdated-packages.md\u003c/strong\u003e in \u003cstrong\u003eassets-3.1050.0.zip\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1049.0\u003c/h2\u003e\n\u003ch4\u003e3.1049.0(2026-05-18)\u003c/h4\u003e\n\u003ch5\u003eDocumentation Changes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-evs:\u003c/strong\u003e  Amazon EVS now supports up to 32 hosts per EVS environment, increasing the previous host limit to allow a larger scale of VMware workload deployments and reduce operational overhead. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/34718dc5665b0423b11382c28fa8e321b876231c\"\u003e34718dc5\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eNew Features\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclients:\u003c/strong\u003e  update client endpoints as of 2026-05-18 (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/a5f4e2a21dba69087a8b0534ffd574b877551a2a\"\u003ea5f4e2a2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ec2:\u003c/strong\u003e  Amazon VPC IP Address Manager (IPAM) now supports tags on IPAM pool allocations, enabling all standard tagging features for allocations including tag-on-create. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/0ac6d448ed6a0f04d45d59d1bcde953454b61f78\"\u003e0ac6d448\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-accessanalyzer:\u003c/strong\u003e  Services manage service-linked analyzers through dedicated APIs - CreateServiceLinkedAnalyzer and DeleteServiceLinkedAnalyzer that separate service-linked specific operations from customer-managed operations. It also shows up in ListAnalyzers and GetAnalyzer responses. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/fdfcbe80822475752a5433a6b830962379701cc1\"\u003efdfcbe80\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ecs:\u003c/strong\u003e  Amazon ECS now supports Pause lifecycle hooks for service deployments, allowing customers to automatically pause deployments at specified stages and use the new ContinueServiceDeployment API to continue or roll back with confidence. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/8437bd6c125ba1ea4f5baf7a8fdf9fa9694ff4a7\"\u003e8437bd6c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-connect:\u003c/strong\u003e  Amazon Connect Cases now supports SLA durations of up to 2 years (1,051,200 minutes), increased from the previous maximum of 90 days (129,600 minutes). This enables you to track long-running service level agreements for cases that require extended resolution timelines. (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/045e1382ed3e4a3a7192416d4636e6849f5fc847\"\u003e045e1382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-ivs:\u003c/strong\u003e  Adds support for up to 3 mediaTailorPlaybackConfiguration objects in an ad configuration resource (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/e7a59d859f9cf88f6e19fc4df520336f968da88d\"\u003ee7a59d85\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-quicksight:\u003c/strong\u003e  Support for dataset enrichment and geo spatial in new data preparation experience (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/c3036698d995bb62e8cf487df88c36192533efd5\"\u003ec3036698\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch5\u003eBug Fixes\u003c/h5\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ecore/protocols:\u003c/strong\u003e  make error namespace removal unconditional in JSON RPC (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8031\"\u003e#8031\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/7cee4f2752226e76902ab933477122782472469c\"\u003e7cee4f27\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sts:\u003c/strong\u003e  update imports to new module locations (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/pull/8025\"\u003e#8025\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/be183b6d7ac286e626f0301cbee2ca5101e87acb\"\u003ebe183b6d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eFor list of updated packages, view \u003cstrong\u003eupdated-packages.md\u003c/strong\u003e in \u003cstrong\u003eassets-3.1049.0.zip\u003c/strong\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1048.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md\"\u003e@​aws-sdk/client-s3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1049.0...v3.1050.0\"\u003e3.1050.0\u003c/a\u003e (2026-05-19)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1048.0...v3.1049.0\"\u003e3.1049.0\u003c/a\u003e (2026-05-18)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eclient-sts:\u003c/strong\u003e update imports to new module locations (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-js-v3/issues/8025\"\u003e#8025\u003c/a\u003e) (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/be183b6d7ac286e626f0301cbee2ca5101e87acb\"\u003ebe183b6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1047.0...v3.1048.0\"\u003e3.1048.0\u003c/a\u003e (2026-05-15)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1046.0...v3.1047.0\"\u003e3.1047.0\u003c/a\u003e (2026-05-14)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1045.0...v3.1046.0\"\u003e3.1046.0\u003c/a\u003e (2026-05-14)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/compare/v3.1044.0...v3.1045.0\"\u003e3.1045.0\u003c/a\u003e (2026-05-07)\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e Version bump only for package \u003ccode\u003e@​aws-sdk/client-s3\u003c/code\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/bdc9fc6b88673a816719006d0bde88afd44dbb4e\"\u003e\u003ccode\u003ebdc9fc6\u003c/code\u003e\u003c/a\u003e Publish v3.1050.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/04d52f3ac1d416598b8d728b72919919025a4a61\"\u003e\u003ccode\u003e04d52f3\u003c/code\u003e\u003c/a\u003e Publish v3.1049.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/be183b6d7ac286e626f0301cbee2ca5101e87acb\"\u003e\u003ccode\u003ebe183b6\u003c/code\u003e\u003c/a\u003e fix(client-sts): update imports to new module locations (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/8025\"\u003e#8025\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/313813d9e1f25eb6896cf2880977f01ee7fb2556\"\u003e\u003ccode\u003e313813d\u003c/code\u003e\u003c/a\u003e Publish v3.1048.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/1af90474774927f8dea56d1e33fd11167d431d11\"\u003e\u003ccode\u003e1af9047\u003c/code\u003e\u003c/a\u003e chore(codegen): updated import sources for aws-sdk core (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/8015\"\u003e#8015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/eabae7d848238fedb6336c2f2d13b81c6cd9d146\"\u003e\u003ccode\u003eeabae7d\u003c/code\u003e\u003c/a\u003e chore(codegen): sync for browser bundle fixes (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/8022\"\u003e#8022\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/8edb907b3e69d8ebd19a808480692de92b98e748\"\u003e\u003ccode\u003e8edb907\u003c/code\u003e\u003c/a\u003e Publish v3.1047.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/a66433550dc5bfd0b3228222ad096bfb25d042c0\"\u003e\u003ccode\u003ea664335\u003c/code\u003e\u003c/a\u003e Publish v3.1046.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/9ce20f6d16352cd5747d9555e2b75e9462ea8ae9\"\u003e\u003ccode\u003e9ce20f6\u003c/code\u003e\u003c/a\u003e chore(codegen): dependency version bump (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/8008\"\u003e#8008\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commit/acffbf906165501879a9e57b4f1b63deecbe63ea\"\u003e\u003ccode\u003eacffbf9\u003c/code\u003e\u003c/a\u003e chore: update smithy/core imports (\u003ca href=\"https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/7979\"\u003e#7979\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-js-v3/commits/v3.1050.0/clients/client-s3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@fumadocs/content-collections` from 1.2.4 to 1.2.9\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/fa609138d418c7a60d5c3bf60efd77e86549bd34\"\u003e\u003ccode\u003efa60913\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3202\"\u003e#3202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/2d8f59638c61d2d70512b81e2fd13ddc92fac869\"\u003e\u003ccode\u003e2d8f596\u003c/code\u003e\u003c/a\u003e Chore: fix \u003ccode\u003enpm pack\u003c/code\u003e skipping nested \u003ccode\u003enode_modules\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/b5af621de0c8da746f0d26d4bd8bd02d55cb0670\"\u003e\u003ccode\u003eb5af621\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3200\"\u003e#3200\u003c/a\u003e from fuma-nama/changeset-release/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/79995e999678319afec4151f5f10041b1ed8fd89\"\u003e\u003ccode\u003e79995e9\u003c/code\u003e\u003c/a\u003e fix tsdown warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/9518cc8b40ce4d96bcf526155a546d00822ba589\"\u003e\u003ccode\u003e9518cc8\u003c/code\u003e\u003c/a\u003e OpenAPI: remove \u003ccode\u003eopenapi-sampler\u003c/code\u003e dep\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/335b9c1076bc80052046aab83c4e265af54aa1cc\"\u003e\u003ccode\u003e335b9c1\u003c/code\u003e\u003c/a\u003e Chore: bundle more deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/498425b261877e94c988d3dd1ce1ec9cab29971b\"\u003e\u003ccode\u003e498425b\u003c/code\u003e\u003c/a\u003e UI: pre-calculate TOC item positions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/7cdde7c8358009e452a8b4949bbc11af8dd6bafd\"\u003e\u003ccode\u003e7cdde7c\u003c/code\u003e\u003c/a\u003e UI: improve TOC performance\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/690ddb9da2a3949a502153f5d115c5bd3025b78f\"\u003e\u003ccode\u003e690ddb9\u003c/code\u003e\u003c/a\u003e Chore: bundle more deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fuma-nama/fumadocs/commit/8999346b6b0888398b01a60f8864ab70ce8cdf9d\"\u003e\u003ccode\u003e8999346\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/fuma-nama/fumadocs/issues/3198\"\u003e#3198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fuma-nama/fumadocs/compare/@fumadocs/content-collections@1.2.4...@fumadocs/content-collections@1.2.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​fumadocs/content-collections\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@next/third-parties` from 16.0.3 to 16.2.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003e@​next/third-parties's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev16.2.6\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nThis release contains security fixes and backported bug fixes. It does \u003cstrong\u003enot\u003c/strong\u003e include all pending features/changes on canary.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eSecurity Fixes\u003c/h3\u003e\n\u003cp\u003eThe following advisories have been addressed:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eHigh:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - \u003cstrong\u003eIncomplete Fix Follow-Up\u003c/strong\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModerate:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://githu...\n\n_Description has been truncated_","html_url":"https://github.com/emiliano32144/supastarter-nextjs/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/emiliano32144%2Fsupastarter-nextjs/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"}},{"old_version":"0.4.2","new_version":"1.1.1","update_type":"major","path":null,"pr_created_at":"2026-05-19T23:51:00.000Z","version_change":"0.4.2 → 1.1.1","issue":{"uuid":"4481940730","node_id":"PR_kwDOSS6dds7dTH4e","number":193,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 3 directories with 2 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-19T23:51:00.000Z","updated_at":"2026-05-20T00:28:18.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":2,"packages":[{"name":"next","old_version":"14.2.3","new_version":"15.5.18","repository_url":"https://github.com/vercel/next.js"},{"name":"next","old_version":"14.2.3","new_version":"15.5.18","repository_url":"https://github.com/vercel/next.js"},{"name":"next","old_version":"14.2.3","new_version":"15.5.18","repository_url":"https://github.com/vercel/next.js"},{"name":"next","old_version":"14.2.3","new_version":"15.5.18","repository_url":"https://github.com/vercel/next.js"},{"name":"cookie","old_version":"0.4.2","new_version":"1.1.1","repository_url":"https://github.com/jshttp/cookie"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /apps/defi-dashboard directory: [next](https://github.com/vercel/next.js).\nBumps the npm_and_yarn group with 1 update in the /zwallet directory: [cookie](https://github.com/jshttp/cookie).\n\nUpdates `next` from 14.2.3 to 15.5.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.18\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.16\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.15\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23869\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23869\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev15.5.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9ff92cebcaa6ba4e7463b6fd037a8510ba9b81ec\"\u003e\u003ccode\u003e9ff92ce\u003c/code\u003e\u003c/a\u003e v15.5.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/00ebe23562bd7eb32dd78730984bfadb47138bcf\"\u003e\u003ccode\u003e00ebe23\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/62c97ab0b5825e2cbc15f6b682d8286a8dd6a038\"\u003e\u003ccode\u003e62c97ab\u003c/code\u003e\u003c/a\u003e v15.5.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/423623ae38c106273085b66946ee5bf9aab77f2c\"\u003e\u003ccode\u003e423623a\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/fa787399b38d9aa702118f9bd23a8315b9f0ecc6\"\u003e\u003ccode\u003efa78739\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36e62c6eb7813e42d409eb487f93b829f4ad77e8\"\u003e\u003ccode\u003e36e62c6\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93588\"\u003e#93588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36589b5db512b7704cdadd873cbe49b6dbcc9261\"\u003e\u003ccode\u003e36589b5\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93596\"\u003e#93596\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ad6fd4e50e5aba20b60d283c42b89273a3167ccd\"\u003e\u003ccode\u003ead6fd4e\u003c/code\u003e\u003c/a\u003e v15.5.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/79d7dff1448483f0c8f187f98887b31019f6e494\"\u003e\u003ccode\u003e79d7dff\u003c/code\u003e\u003c/a\u003e Ignore malformed CSP nonce headers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/c4f69086cc8dcbd81b1dbc321c98ea874d90d6f8\"\u003e\u003ccode\u003ec4f6908\u003c/code\u003e\u003c/a\u003e router-server: guard upgrade proxy against absolute-url SSRF (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/77\"\u003e#77\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v14.2.3...v15.5.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 14.2.3 to 15.5.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.18\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.16\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.15\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23869\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23869\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev15.5.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9ff92cebcaa6ba4e7463b6fd037a8510ba9b81ec\"\u003e\u003ccode\u003e9ff92ce\u003c/code\u003e\u003c/a\u003e v15.5.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/00ebe23562bd7eb32dd78730984bfadb47138bcf\"\u003e\u003ccode\u003e00ebe23\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/62c97ab0b5825e2cbc15f6b682d8286a8dd6a038\"\u003e\u003ccode\u003e62c97ab\u003c/code\u003e\u003c/a\u003e v15.5.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/423623ae38c106273085b66946ee5bf9aab77f2c\"\u003e\u003ccode\u003e423623a\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/fa787399b38d9aa702118f9bd23a8315b9f0ecc6\"\u003e\u003ccode\u003efa78739\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36e62c6eb7813e42d409eb487f93b829f4ad77e8\"\u003e\u003ccode\u003e36e62c6\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93588\"\u003e#93588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36589b5db512b7704cdadd873cbe49b6dbcc9261\"\u003e\u003ccode\u003e36589b5\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93596\"\u003e#93596\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ad6fd4e50e5aba20b60d283c42b89273a3167ccd\"\u003e\u003ccode\u003ead6fd4e\u003c/code\u003e\u003c/a\u003e v15.5.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/79d7dff1448483f0c8f187f98887b31019f6e494\"\u003e\u003ccode\u003e79d7dff\u003c/code\u003e\u003c/a\u003e Ignore malformed CSP nonce headers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/c4f69086cc8dcbd81b1dbc321c98ea874d90d6f8\"\u003e\u003ccode\u003ec4f6908\u003c/code\u003e\u003c/a\u003e router-server: guard upgrade proxy against absolute-url SSRF (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/77\"\u003e#77\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v14.2.3...v15.5.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 14.2.3 to 15.5.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.18\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.16\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.15\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23869\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23869\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev15.5.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9ff92cebcaa6ba4e7463b6fd037a8510ba9b81ec\"\u003e\u003ccode\u003e9ff92ce\u003c/code\u003e\u003c/a\u003e v15.5.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/00ebe23562bd7eb32dd78730984bfadb47138bcf\"\u003e\u003ccode\u003e00ebe23\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/62c97ab0b5825e2cbc15f6b682d8286a8dd6a038\"\u003e\u003ccode\u003e62c97ab\u003c/code\u003e\u003c/a\u003e v15.5.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/423623ae38c106273085b66946ee5bf9aab77f2c\"\u003e\u003ccode\u003e423623a\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/fa787399b38d9aa702118f9bd23a8315b9f0ecc6\"\u003e\u003ccode\u003efa78739\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36e62c6eb7813e42d409eb487f93b829f4ad77e8\"\u003e\u003ccode\u003e36e62c6\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93588\"\u003e#93588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36589b5db512b7704cdadd873cbe49b6dbcc9261\"\u003e\u003ccode\u003e36589b5\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93596\"\u003e#93596\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ad6fd4e50e5aba20b60d283c42b89273a3167ccd\"\u003e\u003ccode\u003ead6fd4e\u003c/code\u003e\u003c/a\u003e v15.5.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/79d7dff1448483f0c8f187f98887b31019f6e494\"\u003e\u003ccode\u003e79d7dff\u003c/code\u003e\u003c/a\u003e Ignore malformed CSP nonce headers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/c4f69086cc8dcbd81b1dbc321c98ea874d90d6f8\"\u003e\u003ccode\u003ec4f6908\u003c/code\u003e\u003c/a\u003e router-server: guard upgrade proxy against absolute-url SSRF (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/77\"\u003e#77\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v14.2.3...v15.5.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `next` from 14.2.3 to 15.5.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vercel/next.js/releases\"\u003enext's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev15.5.18\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6\"\u003eGHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.16\u003c/h2\u003e\n\u003cp\u003eThis release contains security fixes for the following advisories:\u003c/p\u003e\n\u003cp\u003eHigh:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj\"\u003eGHSA-8h8q-6873-q5fj: Denial of Service with Server Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f\"\u003eGHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx\"\u003eGHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv\"\u003eGHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r\"\u003eGHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5\"\u003eGHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eModerate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q\"\u003eGHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h\"\u003eGHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh\"\u003eGHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7\"\u003eGHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eLow:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949\"\u003eGHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq\"\u003eGHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev15.5.15\u003c/h2\u003e\n\u003cp\u003ePlease refer the following changelogs for more information about this security release:\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://vercel.com/changelog/summary-of-cve-2026-23869\"\u003ehttps://vercel.com/changelog/summary-of-cve-2026-23869\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev15.5.14\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/9ff92cebcaa6ba4e7463b6fd037a8510ba9b81ec\"\u003e\u003ccode\u003e9ff92ce\u003c/code\u003e\u003c/a\u003e v15.5.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/00ebe23562bd7eb32dd78730984bfadb47138bcf\"\u003e\u003ccode\u003e00ebe23\u003c/code\u003e\u003c/a\u003e [backport] Disable build caches for production/staging/force-preview deploys ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/62c97ab0b5825e2cbc15f6b682d8286a8dd6a038\"\u003e\u003ccode\u003e62c97ab\u003c/code\u003e\u003c/a\u003e v15.5.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/423623ae38c106273085b66946ee5bf9aab77f2c\"\u003e\u003ccode\u003e423623a\u003c/code\u003e\u003c/a\u003e Turbopack: Match proxy matchers with webpack implementation (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93594\"\u003e#93594\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/fa787399b38d9aa702118f9bd23a8315b9f0ecc6\"\u003e\u003ccode\u003efa78739\u003c/code\u003e\u003c/a\u003e Turbopack: Fix middleware matcher suffix (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93590\"\u003e#93590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36e62c6eb7813e42d409eb487f93b829f4ad77e8\"\u003e\u003ccode\u003e36e62c6\u003c/code\u003e\u003c/a\u003e [backport] Turbopack: more strict vergen setup (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93588\"\u003e#93588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/36589b5db512b7704cdadd873cbe49b6dbcc9261\"\u003e\u003ccode\u003e36589b5\u003c/code\u003e\u003c/a\u003e [backport][test] Pin package manager to patch versions (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/93596\"\u003e#93596\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/ad6fd4e50e5aba20b60d283c42b89273a3167ccd\"\u003e\u003ccode\u003ead6fd4e\u003c/code\u003e\u003c/a\u003e v15.5.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/79d7dff1448483f0c8f187f98887b31019f6e494\"\u003e\u003ccode\u003e79d7dff\u003c/code\u003e\u003c/a\u003e Ignore malformed CSP nonce headers (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/103\"\u003e#103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vercel/next.js/commit/c4f69086cc8dcbd81b1dbc321c98ea874d90d6f8\"\u003e\u003ccode\u003ec4f6908\u003c/code\u003e\u003c/a\u003e router-server: guard upgrade proxy against absolute-url SSRF (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/77\"\u003e#77\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/vercel/next.js/issues/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vercel/next.js/compare/v14.2.3...v15.5.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for next since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cookie` from 0.4.2 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOverwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)  c66147c\n\u003cul\u003e\n\u003cli\u003eWhen \u003ccode\u003evalue\u003c/code\u003e was provided in \u003ccode\u003eserialize(key, value, { value })\u003c/code\u003e the value in \u003ccode\u003eoptions\u003c/code\u003e was used instead of the value passed as an argument\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003estringifyCookie\u003c/code\u003e and \u003ccode\u003eparseSetCookie\u003c/code\u003e methods (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/214\"\u003e#214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename existing methods for clarity (old method names remain for backward compatibility)\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eparse\u003c/code\u003e → \u003ccode\u003eparseCookie\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eserialize\u003c/code\u003e → \u003ccode\u003estringifySetCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)  00b0327\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLoosen cookie name/value validation (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: \u003ccode\u003eoptions.priority\u003c/code\u003e used incorrect fallback (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/207\"\u003e#207\u003c/a\u003e) by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd import example to README (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/190\"\u003e#190\u003c/a\u003e) by \u003ca href=\"https://github.com/isnifer\"\u003e\u003ccode\u003e@​isnifer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow case insensitive options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/194\"\u003e#194\u003c/a\u003e)  3bed080\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse modern JS features, ship TypeScript definition (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/175\"\u003e#175\u003c/a\u003e)  1cc64ff\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003e__esModule\u003c/code\u003e marker, imports need to use \u003ccode\u003eimport { parse, serialize }\u003c/code\u003e or \u003ccode\u003eimport * as cookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eMinimum node.js v18\u003c/li\u003e\n\u003cli\u003eUses null prototype object for \u003ccode\u003eparse\u003c/code\u003e return value\u003c/li\u003e\n\u003cli\u003eChanges \u003ccode\u003estrict\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e to match the lower case strings (i.e. \u003ccode\u003elow\u003c/code\u003e, not \u003ccode\u003eLOW\u003c/code\u003e or \u003ccode\u003eLow\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/1b89eec4e33256ac31962f4c0d6e711fff478803\"\u003e\u003ccode\u003e1b89eec\u003c/code\u003e\u003c/a\u003e 1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/c66147c053c74b256287aa7c0a4e63082d786fb2\"\u003e\u003ccode\u003ec66147c\u003c/code\u003e\u003c/a\u003e Overwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/09cec9fd32aa777ddbf51a115c53f30728eccfbc\"\u003e\u003ccode\u003e09cec9f\u003c/code\u003e\u003c/a\u003e 1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/05ebd34fd5a1cdad950f68fc7429cade7dfd6997\"\u003e\u003ccode\u003e05ebd34\u003c/code\u003e\u003c/a\u003e Add tests for parsing top sites (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6214eaf968d60681f3f7fe76797270332c3569c9\"\u003e\u003ccode\u003e6214eaf\u003c/code\u003e\u003c/a\u003e Add benchmark for \u003ccode\u003eparseSetCookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/247\"\u003e#247\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/71798d72650df42288f74e5ab49b65ec44df74fe\"\u003e\u003ccode\u003e71798d7\u003c/code\u003e\u003c/a\u003e Fix skip over of boolean attributes (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e41cf10c88b45893141f2ee2dc98b23bdb57f24\"\u003e\u003ccode\u003e9e41cf1\u003c/code\u003e\u003c/a\u003e build(deps): bump the npm_and_yarn group across 1 directory with 4 updates (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6fea50679a97f65b5d6e3d291b2dad5816fcfddc\"\u003e\u003ccode\u003e6fea506\u003c/code\u003e\u003c/a\u003e Add parse method for \u003ccode\u003eset-cookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/00b032721c4dc9aeb7d3814ce790eadb4ebde59b\"\u003e\u003ccode\u003e00b0327\u003c/code\u003e\u003c/a\u003e Add side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/94586de038f16960cd5eb91ee499313734b02ab7\"\u003e\u003ccode\u003e94586de\u003c/code\u003e\u003c/a\u003e feat: remove dependabot from repo (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/242\"\u003e#242\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.4.2...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/cvsz/zwallet/pull/193","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/cvsz%2Fzwallet/issues/193","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/193/packages"}},{"old_version":"0.6.0","new_version":"1.1.1","update_type":"major","path":"/backend/functions","pr_created_at":"2026-05-18T20:49:56.000Z","version_change":"0.6.0 → 1.1.1","issue":{"uuid":"4472477665","node_id":"PR_kwDOP09VWc7c0gEg","number":184,"state":"open","title":"chore(deps): bump cookie from 0.6.0 to 1.1.1 in /backend/functions","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-18T20:49:56.000Z","updated_at":"2026-05-18T22:21:48.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"cookie","old_version":"0.6.0","new_version":"1.1.1","repository_url":"https://github.com/jshttp/cookie"}],"path":"/backend/functions","ecosystem":"npm"},"body":"Bumps [cookie](https://github.com/jshttp/cookie) from 0.6.0 to 1.1.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOverwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)  c66147c\n\u003cul\u003e\n\u003cli\u003eWhen \u003ccode\u003evalue\u003c/code\u003e was provided in \u003ccode\u003eserialize(key, value, { value })\u003c/code\u003e the value in \u003ccode\u003eoptions\u003c/code\u003e was used instead of the value passed as an argument\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003estringifyCookie\u003c/code\u003e and \u003ccode\u003eparseSetCookie\u003c/code\u003e methods (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/214\"\u003e#214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename existing methods for clarity (old method names remain for backward compatibility)\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eparse\u003c/code\u003e → \u003ccode\u003eparseCookie\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eserialize\u003c/code\u003e → \u003ccode\u003estringifySetCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)  00b0327\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLoosen cookie name/value validation (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: \u003ccode\u003eoptions.priority\u003c/code\u003e used incorrect fallback (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/207\"\u003e#207\u003c/a\u003e) by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd import example to README (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/190\"\u003e#190\u003c/a\u003e) by \u003ca href=\"https://github.com/isnifer\"\u003e\u003ccode\u003e@​isnifer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow case insensitive options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/194\"\u003e#194\u003c/a\u003e)  3bed080\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse modern JS features, ship TypeScript definition (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/175\"\u003e#175\u003c/a\u003e)  1cc64ff\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003e__esModule\u003c/code\u003e marker, imports need to use \u003ccode\u003eimport { parse, serialize }\u003c/code\u003e or \u003ccode\u003eimport * as cookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eMinimum node.js v18\u003c/li\u003e\n\u003cli\u003eUses null prototype object for \u003ccode\u003eparse\u003c/code\u003e return value\u003c/li\u003e\n\u003cli\u003eChanges \u003ccode\u003estrict\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e to match the lower case strings (i.e. \u003ccode\u003elow\u003c/code\u003e, not \u003ccode\u003eLOW\u003c/code\u003e or \u003ccode\u003eLow\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/1b89eec4e33256ac31962f4c0d6e711fff478803\"\u003e\u003ccode\u003e1b89eec\u003c/code\u003e\u003c/a\u003e 1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/c66147c053c74b256287aa7c0a4e63082d786fb2\"\u003e\u003ccode\u003ec66147c\u003c/code\u003e\u003c/a\u003e Overwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/09cec9fd32aa777ddbf51a115c53f30728eccfbc\"\u003e\u003ccode\u003e09cec9f\u003c/code\u003e\u003c/a\u003e 1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/05ebd34fd5a1cdad950f68fc7429cade7dfd6997\"\u003e\u003ccode\u003e05ebd34\u003c/code\u003e\u003c/a\u003e Add tests for parsing top sites (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6214eaf968d60681f3f7fe76797270332c3569c9\"\u003e\u003ccode\u003e6214eaf\u003c/code\u003e\u003c/a\u003e Add benchmark for \u003ccode\u003eparseSetCookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/247\"\u003e#247\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/71798d72650df42288f74e5ab49b65ec44df74fe\"\u003e\u003ccode\u003e71798d7\u003c/code\u003e\u003c/a\u003e Fix skip over of boolean attributes (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e41cf10c88b45893141f2ee2dc98b23bdb57f24\"\u003e\u003ccode\u003e9e41cf1\u003c/code\u003e\u003c/a\u003e build(deps): bump the npm_and_yarn group across 1 directory with 4 updates (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6fea50679a97f65b5d6e3d291b2dad5816fcfddc\"\u003e\u003ccode\u003e6fea506\u003c/code\u003e\u003c/a\u003e Add parse method for \u003ccode\u003eset-cookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/00b032721c4dc9aeb7d3814ce790eadb4ebde59b\"\u003e\u003ccode\u003e00b0327\u003c/code\u003e\u003c/a\u003e Add side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/94586de038f16960cd5eb91ee499313734b02ab7\"\u003e\u003ccode\u003e94586de\u003c/code\u003e\u003c/a\u003e feat: remove dependabot from repo (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/242\"\u003e#242\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/Abernaughty/PCPC/pull/184","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Abernaughty%2FPCPC/issues/184","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/184/packages"}},{"old_version":"0.6.0","new_version":"1.1.1","update_type":"major","path":null,"pr_created_at":"2026-05-17T02:35:06.000Z","version_change":"0.6.0 → 1.1.1","issue":{"uuid":"4462041948","node_id":"PR_kwDOIeE8Ts7cTuIC","number":333,"state":"closed","title":"build(deps): bump cookie from 0.6.0 to 1.1.1","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-27T05:57:39.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-17T02:35:06.000Z","updated_at":"2026-05-27T05:57:41.000Z","time_to_close":876153,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"cookie","old_version":"0.6.0","new_version":"1.1.1","repository_url":"https://github.com/jshttp/cookie"}],"path":null,"ecosystem":"npm"},"body":"Bumps [cookie](https://github.com/jshttp/cookie) from 0.6.0 to 1.1.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOverwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)  c66147c\n\u003cul\u003e\n\u003cli\u003eWhen \u003ccode\u003evalue\u003c/code\u003e was provided in \u003ccode\u003eserialize(key, value, { value })\u003c/code\u003e the value in \u003ccode\u003eoptions\u003c/code\u003e was used instead of the value passed as an argument\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003estringifyCookie\u003c/code\u003e and \u003ccode\u003eparseSetCookie\u003c/code\u003e methods (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/214\"\u003e#214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename existing methods for clarity (old method names remain for backward compatibility)\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eparse\u003c/code\u003e → \u003ccode\u003eparseCookie\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eserialize\u003c/code\u003e → \u003ccode\u003estringifySetCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)  00b0327\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLoosen cookie name/value validation (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: \u003ccode\u003eoptions.priority\u003c/code\u003e used incorrect fallback (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/207\"\u003e#207\u003c/a\u003e) by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd import example to README (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/190\"\u003e#190\u003c/a\u003e) by \u003ca href=\"https://github.com/isnifer\"\u003e\u003ccode\u003e@​isnifer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow case insensitive options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/194\"\u003e#194\u003c/a\u003e)  3bed080\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse modern JS features, ship TypeScript definition (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/175\"\u003e#175\u003c/a\u003e)  1cc64ff\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003e__esModule\u003c/code\u003e marker, imports need to use \u003ccode\u003eimport { parse, serialize }\u003c/code\u003e or \u003ccode\u003eimport * as cookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eMinimum node.js v18\u003c/li\u003e\n\u003cli\u003eUses null prototype object for \u003ccode\u003eparse\u003c/code\u003e return value\u003c/li\u003e\n\u003cli\u003eChanges \u003ccode\u003estrict\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e to match the lower case strings (i.e. \u003ccode\u003elow\u003c/code\u003e, not \u003ccode\u003eLOW\u003c/code\u003e or \u003ccode\u003eLow\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/1b89eec4e33256ac31962f4c0d6e711fff478803\"\u003e\u003ccode\u003e1b89eec\u003c/code\u003e\u003c/a\u003e 1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/c66147c053c74b256287aa7c0a4e63082d786fb2\"\u003e\u003ccode\u003ec66147c\u003c/code\u003e\u003c/a\u003e Overwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/09cec9fd32aa777ddbf51a115c53f30728eccfbc\"\u003e\u003ccode\u003e09cec9f\u003c/code\u003e\u003c/a\u003e 1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/05ebd34fd5a1cdad950f68fc7429cade7dfd6997\"\u003e\u003ccode\u003e05ebd34\u003c/code\u003e\u003c/a\u003e Add tests for parsing top sites (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6214eaf968d60681f3f7fe76797270332c3569c9\"\u003e\u003ccode\u003e6214eaf\u003c/code\u003e\u003c/a\u003e Add benchmark for \u003ccode\u003eparseSetCookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/247\"\u003e#247\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/71798d72650df42288f74e5ab49b65ec44df74fe\"\u003e\u003ccode\u003e71798d7\u003c/code\u003e\u003c/a\u003e Fix skip over of boolean attributes (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e41cf10c88b45893141f2ee2dc98b23bdb57f24\"\u003e\u003ccode\u003e9e41cf1\u003c/code\u003e\u003c/a\u003e build(deps): bump the npm_and_yarn group across 1 directory with 4 updates (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6fea50679a97f65b5d6e3d291b2dad5816fcfddc\"\u003e\u003ccode\u003e6fea506\u003c/code\u003e\u003c/a\u003e Add parse method for \u003ccode\u003eset-cookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/00b032721c4dc9aeb7d3814ce790eadb4ebde59b\"\u003e\u003ccode\u003e00b0327\u003c/code\u003e\u003c/a\u003e Add side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/94586de038f16960cd5eb91ee499313734b02ab7\"\u003e\u003ccode\u003e94586de\u003c/code\u003e\u003c/a\u003e feat: remove dependabot from repo (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/242\"\u003e#242\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cookie\u0026package-manager=npm_and_yarn\u0026previous-version=0.6.0\u0026new-version=1.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/revati-jp/website/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/revati-jp/website/pull/333","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/revati-jp%2Fwebsite/issues/333","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/333/packages"}},{"old_version":"0.6.0","new_version":"1.1.1","update_type":"major","path":null,"pr_created_at":"2026-05-16T08:51:17.000Z","version_change":"0.6.0 → 1.1.1","issue":{"uuid":"4459323064","node_id":"PR_kwDOKB5zlc7cLueS","number":659,"state":"open","title":"chore(deps): bump the npm_and_yarn group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-16T08:51:17.000Z","updated_at":"2026-05-16T08:56:09.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":2,"packages":[{"name":"cookie","old_version":"0.6.0","new_version":"1.1.1","repository_url":"https://github.com/jshttp/cookie"},{"name":"undici","old_version":"7.18.2","new_version":"8.3.0"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the / directory: [cookie](https://github.com/jshttp/cookie).\n\nUpdates `cookie` from 0.6.0 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOverwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)  c66147c\n\u003cul\u003e\n\u003cli\u003eWhen \u003ccode\u003evalue\u003c/code\u003e was provided in \u003ccode\u003eserialize(key, value, { value })\u003c/code\u003e the value in \u003ccode\u003eoptions\u003c/code\u003e was used instead of the value passed as an argument\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003estringifyCookie\u003c/code\u003e and \u003ccode\u003eparseSetCookie\u003c/code\u003e methods (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/214\"\u003e#214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename existing methods for clarity (old method names remain for backward compatibility)\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eparse\u003c/code\u003e → \u003ccode\u003eparseCookie\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eserialize\u003c/code\u003e → \u003ccode\u003estringifySetCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)  00b0327\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLoosen cookie name/value validation (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: \u003ccode\u003eoptions.priority\u003c/code\u003e used incorrect fallback (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/207\"\u003e#207\u003c/a\u003e) by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd import example to README (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/190\"\u003e#190\u003c/a\u003e) by \u003ca href=\"https://github.com/isnifer\"\u003e\u003ccode\u003e@​isnifer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow case insensitive options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/194\"\u003e#194\u003c/a\u003e)  3bed080\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse modern JS features, ship TypeScript definition (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/175\"\u003e#175\u003c/a\u003e)  1cc64ff\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003e__esModule\u003c/code\u003e marker, imports need to use \u003ccode\u003eimport { parse, serialize }\u003c/code\u003e or \u003ccode\u003eimport * as cookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eMinimum node.js v18\u003c/li\u003e\n\u003cli\u003eUses null prototype object for \u003ccode\u003eparse\u003c/code\u003e return value\u003c/li\u003e\n\u003cli\u003eChanges \u003ccode\u003estrict\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e to match the lower case strings (i.e. \u003ccode\u003elow\u003c/code\u003e, not \u003ccode\u003eLOW\u003c/code\u003e or \u003ccode\u003eLow\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/1b89eec4e33256ac31962f4c0d6e711fff478803\"\u003e\u003ccode\u003e1b89eec\u003c/code\u003e\u003c/a\u003e 1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/c66147c053c74b256287aa7c0a4e63082d786fb2\"\u003e\u003ccode\u003ec66147c\u003c/code\u003e\u003c/a\u003e Overwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/09cec9fd32aa777ddbf51a115c53f30728eccfbc\"\u003e\u003ccode\u003e09cec9f\u003c/code\u003e\u003c/a\u003e 1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/05ebd34fd5a1cdad950f68fc7429cade7dfd6997\"\u003e\u003ccode\u003e05ebd34\u003c/code\u003e\u003c/a\u003e Add tests for parsing top sites (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6214eaf968d60681f3f7fe76797270332c3569c9\"\u003e\u003ccode\u003e6214eaf\u003c/code\u003e\u003c/a\u003e Add benchmark for \u003ccode\u003eparseSetCookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/247\"\u003e#247\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/71798d72650df42288f74e5ab49b65ec44df74fe\"\u003e\u003ccode\u003e71798d7\u003c/code\u003e\u003c/a\u003e Fix skip over of boolean attributes (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e41cf10c88b45893141f2ee2dc98b23bdb57f24\"\u003e\u003ccode\u003e9e41cf1\u003c/code\u003e\u003c/a\u003e build(deps): bump the npm_and_yarn group across 1 directory with 4 updates (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6fea50679a97f65b5d6e3d291b2dad5816fcfddc\"\u003e\u003ccode\u003e6fea506\u003c/code\u003e\u003c/a\u003e Add parse method for \u003ccode\u003eset-cookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/00b032721c4dc9aeb7d3814ce790eadb4ebde59b\"\u003e\u003ccode\u003e00b0327\u003c/code\u003e\u003c/a\u003e Add side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/94586de038f16960cd5eb91ee499313734b02ab7\"\u003e\u003ccode\u003e94586de\u003c/code\u003e\u003c/a\u003e feat: remove dependabot from repo (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/242\"\u003e#242\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `undici` from 7.18.2 to 8.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodejs/undici/releases\"\u003eundici's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: preserve pool capacity after removing stale client by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5151\"\u003enodejs/undici#5151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/github-script from 8.0.0 to 9.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5157\"\u003enodejs/undici#5157\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/upload-artifact from 5.0.0 to 7.0.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5162\"\u003enodejs/undici#5162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump peter-evans/create-pull-request from 8.1.0 to 8.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5156\"\u003enodejs/undici#5156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(http2): collapse duplicate request stream setup by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5140\"\u003enodejs/undici#5140\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf(client): cache HTTP/2 authority by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5141\"\u003enodejs/undici#5141\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump borp from 0.20.2 to 1.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4819\"\u003enodejs/undici#4819\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: add TOpaque to client connect options by \u003ca href=\"https://github.com/samuel871211\"\u003e\u003ccode\u003e@​samuel871211\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4928\"\u003enodejs/undici#4928\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump tinybench from 5.1.0 to 6.0.1 in /benchmarks by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4688\"\u003enodejs/undici#4688\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump codecov/codecov-action from 5.5.1 to 6.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4950\"\u003enodejs/undici#4950\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/dependency-review-action from 4.8.1 to 4.9.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4951\"\u003enodejs/undici#4951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(fetch): add userinfo coverage for issue-4897 URLs by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4901\"\u003enodejs/undici#4901\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf: avoid duplicate pool dispatcher selection on backpressure by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5149\"\u003enodejs/undici#5149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 6.2.0 to 6.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5163\"\u003enodejs/undici#5163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump step-security/harden-runner from 2.14.1 to 2.19.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5160\"\u003enodejs/undici#5160\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump cronometro from 5.3.0 to 6.0.3 in /benchmarks by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4687\"\u003enodejs/undici#4687\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 4.35.1 to 4.35.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5161\"\u003enodejs/undici#5161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4853\"\u003enodejs/undici#4853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump hendrikmuhs/ccache-action from 1.2.22 to 1.2.23 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5158\"\u003enodejs/undici#5158\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/github-action-merge-dependabot from 3.11.2 to 3.12.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5159\"\u003enodejs/undici#5159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump c8 from 10.1.3 to 11.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/4854\"\u003enodejs/undici#4854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump uWebSockets.js from v20.64.0 to v20.66.0 in /benchmarks by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5130\"\u003enodejs/undici#5130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: mention install() also installs WebSocket globals by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5174\"\u003enodejs/undici#5174\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypes: stop interfering with \u003ccode\u003e@​types/node\u003c/code\u003e by \u003ca href=\"https://github.com/Renegade334\"\u003e\u003ccode\u003e@​Renegade334\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5173\"\u003enodejs/undici#5173\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: align h2 empty body content-length methods with h1 by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5172\"\u003enodejs/undici#5172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump fast-check from 4.6.0 to 4.7.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5192\"\u003enodejs/undici#5192\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump typescript from 6.0.2 to 6.0.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5191\"\u003enodejs/undici#5191\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: move cleanup from finally to after hooks by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5194\"\u003enodejs/undici#5194\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: resolve flaky timeout in issue-3356 by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5188\"\u003enodejs/undici#5188\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSnapshotAgent\u003c/code\u003e: Add \u003ccode\u003enormalizeBody\u003c/code\u003e and \u003ccode\u003enormalizeQuery\u003c/code\u003e by \u003ca href=\"https://github.com/GeoffreyBooth\"\u003e\u003ccode\u003e@​GeoffreyBooth\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5121\"\u003enodejs/undici#5121\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(socks5): use configured connector in Socks5ProxyAgent by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5168\"\u003enodejs/undici#5168\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf(http2): avoid isArray checks for common headers by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5170\"\u003enodejs/undici#5170\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(test): make deduplicate body-streaming test non-flaky by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5196\"\u003enodejs/undici#5196\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(retry): add regression test for RetryAgent + HTTP/2 stream timeout (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5137\"\u003e#5137\u003c/a\u003e) by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5176\"\u003enodejs/undici#5176\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(socks5): preserve dispatch backpressure return value by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5166\"\u003enodejs/undici#5166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf(http2): end zero-length request bodies with headers by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5169\"\u003enodejs/undici#5169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(test): make issue-2898-comment.js assertion robust against flakiness by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5208\"\u003enodejs/undici#5208\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: disable timeouts in h2 high concurrency regression by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5205\"\u003enodejs/undici#5205\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: deflake stream compat coverage by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5209\"\u003enodejs/undici#5209\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(dispatcher): remove unreachable assert in writeBlob by \u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5231\"\u003enodejs/undici#5231\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: clean up benchmark resources before worker exit by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5225\"\u003enodejs/undici#5225\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: avoid per-chunk assertions in diagnostics get by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5224\"\u003enodejs/undici#5224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: capture cache test worker stderr and preserve failures by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5206\"\u003enodejs/undici#5206\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: gitignore benchmarks/package-lock.json by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5228\"\u003enodejs/undici#5228\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eperf(proxy-agent): avoid extra header allocations in auth guard by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5164\"\u003enodejs/undici#5164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(wpt): retry WPT server startup on port conflicts or timeout by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5215\"\u003enodejs/undici#5215\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: make websocket diagnostics ping-pong ordering deterministic by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5222\"\u003enodejs/undici#5222\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest(websocket): fix flaky send test by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/nodejs/undici/pull/5232\"\u003enodejs/undici#5232\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/aa33b19549ef5c37b73599a6deba768e85f46f92\"\u003e\u003ccode\u003eaa33b19\u003c/code\u003e\u003c/a\u003e Bumped v8.3.0 (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5305\"\u003e#5305\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/f33a6cb615e1e77fa09fda3cf935632635cdea8c\"\u003e\u003ccode\u003ef33a6cb\u003c/code\u003e\u003c/a\u003e test: fix flaky http2-dispatcher WebSocket upgrade tests (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5304\"\u003e#5304\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/ca0cb16fc1e825c76e2a480101fef2d2732a4fe7\"\u003e\u003ccode\u003eca0cb16\u003c/code\u003e\u003c/a\u003e build(deps): bump uWebSockets.js in /benchmarks (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5299\"\u003e#5299\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/e1f9035d0fdc26db66d8501134ae15e5dab15488\"\u003e\u003ccode\u003ee1f9035\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump jest from 30.3.0 to 30.4.2 (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5297\"\u003e#5297\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/314ba6a2cdd83a5b1e7fcca409cd3a75691a8c00\"\u003e\u003ccode\u003e314ba6a\u003c/code\u003e\u003c/a\u003e perf(client-h2): reuse request upgrade stream handlers (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5293\"\u003e#5293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/be9a544ff7e2e01560ff5201a6d45f7a053a395b\"\u003e\u003ccode\u003ebe9a544\u003c/code\u003e\u003c/a\u003e Add Node 26 to the matrix (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5271\"\u003e#5271\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/45f7bd34a6f7a7912fd9fe0d6ccdcc62524c1637\"\u003e\u003ccode\u003e45f7bd3\u003c/code\u003e\u003c/a\u003e test: retry crashed cache-test workers once (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5294\"\u003e#5294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/08cf765bf8bf47de56fe63237c5a528a1978c0a0\"\u003e\u003ccode\u003e08cf765\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump fast-check from 4.7.0 to 4.8.0 (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5298\"\u003e#5298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/df5ded9ebbda7b2545db45452889dbb85bd22a48\"\u003e\u003ccode\u003edf5ded9\u003c/code\u003e\u003c/a\u003e cache formdata boundary (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5292\"\u003e#5292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodejs/undici/commit/e101dcb27247a5d6718ddfbbbb6e3968403f1f42\"\u003e\u003ccode\u003ee101dcb\u003c/code\u003e\u003c/a\u003e test: include after in parser-issues (\u003ca href=\"https://redirect.github.com/nodejs/undici/issues/5284\"\u003e#5284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodejs/undici/compare/v7.18.2...v8.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/sdanialraza/sdanialraza/pull/659","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sdanialraza%2Fsdanialraza/issues/659","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/659/packages"}},{"old_version":"0.3.1","new_version":"0.7.2","update_type":"minor","path":null,"pr_created_at":"2026-05-15T21:16:25.000Z","version_change":"0.3.1 → 0.7.2","issue":{"uuid":"4457011504","node_id":"PR_kwDOCvT5As7cEjbW","number":9,"state":"open","title":"⬆️ Bump the npm-security-updates group across 1 directory with 30 updates","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-15T21:16:25.000Z","updated_at":"2026-05-15T21:16:26.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"⬆️ Bump","group_name":"npm-security-updates","update_count":30,"packages":[{"name":"@angular/common","old_version":"7.2.14","new_version":"19.2.16","repository_url":"https://github.com/angular/angular"},{"name":"@angular/core","old_version":"7.2.14","new_version":"19.2.20","repository_url":"https://github.com/angular/angular"},{"name":"@angular/compiler","old_version":"7.2.14","new_version":"19.2.18","repository_url":"https://github.com/angular/angular"},{"name":"@babel/traverse","old_version":"7.4.4","new_version":"7.29.0","repository_url":"https://github.com/babel/babel"},{"name":"body-parser","old_version":"1.18.3","new_version":"1.20.5","repository_url":"https://github.com/expressjs/body-parser"},{"name":"express","old_version":"4.16.4","new_version":"4.22.2","repository_url":"https://github.com/expressjs/express"},{"name":"browserify-sign","old_version":"4.0.4","new_version":"4.2.5","repository_url":"https://github.com/crypto-browserify/browserify-sign"},{"name":"cipher-base","old_version":"1.0.4","new_version":"1.0.7","repository_url":"https://github.com/crypto-browserify/cipher-base"},{"name":"cookie","old_version":"0.3.1","new_version":"0.7.2","repository_url":"https://github.com/jshttp/cookie"},{"name":"follow-redirects","old_version":"1.7.0","new_version":"1.16.0","repository_url":"https://github.com/follow-redirects/follow-redirects"},{"name":"minimist","old_version":"0.0.8","new_version":"1.2.8","repository_url":"https://github.com/minimistjs/minimist"},{"name":"gh-pages","old_version":"0.12.0","new_version":"6.3.0","repository_url":"https://github.com/tschaub/gh-pages"},{"name":"handlebars","old_version":"4.1.2","new_version":"4.7.9","repository_url":"https://github.com/handlebars-lang/handlebars.js"},{"name":"ip","old_version":"1.1.5","new_version":"removed","repository_url":"https://github.com/indutny/node-ip"},{"name":"js-yaml","old_version":"3.13.1","new_version":"3.14.2","repository_url":"https://github.com/nodeca/js-yaml"},{"name":"lodash","old_version":"4.17.11","new_version":"4.18.1","repository_url":"https://github.com/lodash/lodash"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm-security-updates group with 16 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [@angular/common](https://github.com/angular/angular/tree/HEAD/packages/common) | `7.2.14` | `19.2.16` |\n| [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core) | `7.2.14` | `19.2.20` |\n| [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) | `7.2.14` | `19.2.18` |\n| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.4.4` | `7.29.0` |\n| [body-parser](https://github.com/expressjs/body-parser) | `1.18.3` | `1.20.5` |\n| [express](https://github.com/expressjs/express) | `4.16.4` | `4.22.2` |\n| [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.5` |\n| [cipher-base](https://github.com/crypto-browserify/cipher-base) | `1.0.4` | `1.0.7` |\n| [cookie](https://github.com/jshttp/cookie) | `0.3.1` | `0.7.2` |\n| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.7.0` | `1.16.0` |\n| [minimist](https://github.com/minimistjs/minimist) | `0.0.8` | `1.2.8` |\n| [gh-pages](https://github.com/tschaub/gh-pages) | `0.12.0` | `6.3.0` |\n| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.1.2` | `4.7.9` |\n| [ip](https://github.com/indutny/node-ip) | `1.1.5` | `removed` |\n| [js-yaml](https://github.com/nodeca/js-yaml) | `3.13.1` | `3.14.2` |\n| [lodash](https://github.com/lodash/lodash) | `4.17.11` | `4.18.1` |\n\n\nUpdates `@angular/common` from 7.2.14 to 19.2.16\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e@​angular/common's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.16\u003c/h2\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003cimg src=\"https://img.shields.io/badge/05fe6686a9-fix-green\" alt=\"fix - 05fe6686a9\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e@​angular/common's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e19.2.16 (2025-11-26)\u003c/h1\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e05fe6686a9\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e20.3.14 (2025-11-25)\u003c/h1\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f\"\u003e0276479e7d\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.0.1 (2025-11-25)\u003c/h1\u003e\n\u003ch3\u003ecompiler-cli\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/39c577bc362b263896b38c9486131d4342b8f1a8\"\u003e39c577bc36\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edo not type check native controls with ControlValueAccessor\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/8d3a89a477e273b9b2223b6db775955e35105963\"\u003e8d3a89a477\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eescape angular control flow in jsdoc\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/bc34083d349a7d30efb43df97de0509fd85a1996\"\u003ebc34083d34\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eignore non-existent files\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0ea1e071742a031d9afb7a39f8e23082cd88ca2e\"\u003e0ea1e07174\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eapply bootstrap-options migration to \u003ccode\u003eplatformBrowserDynamic\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/70507b8c1ce733b8232a12fa45037ee219b5b102\"\u003e70507b8c1c\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edebug data causing memory leak for root effects\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/a55482fca3b7e4f39d95f8ff236b6619e59b8190\"\u003ea55482fca3\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003enotify profiler events in case of errors\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/49ad7c650818ee7db321a24c89282dbf9bb250f3\"\u003e49ad7c6508\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003euse injected \u003ccode\u003eDOCUMENT\u003c/code\u003e for \u003ccode\u003eCSP_NONCE\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cc1ec099315b0f429d0b0f07c9b1bf686668db6b\"\u003ecc1ec09931\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eperf\u003c/td\u003e\n\u003ctd\u003eavoid repeat searches for field directive\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eforms\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7d5c7cf99aa5c6490f8bea950b04bd56073582a1\"\u003e7d5c7cf99a\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efeat\u003c/td\u003e\n\u003ctd\u003eadd DI option for classes on \u003ccode\u003eField\u003c/code\u003e directive\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/8acf5d27563ec51cc76971732d50e1f4142a3fe3\"\u003e8acf5d2756\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow dynamic \u003ccode\u003etype\u003c/code\u003e bindings on signal form controls\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003ccode\u003e05fe668\u003c/code\u003e\u003c/a\u003e fix(http): prevent XSRF token leakage to protocol-relative URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/12e2302a0425f3a2b09cb00d743cbdb099a5eb31\"\u003e\u003ccode\u003e12e2302\u003c/code\u003e\u003c/a\u003e build: update common's locales to use rules_js (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61630\"\u003e#61630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/9701047b9f41175a498b8bb35563e2ed277b83e1\"\u003e\u003ccode\u003e9701047\u003c/code\u003e\u003c/a\u003e test(common): Add circular deps test to 19.2.x (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61651\"\u003e#61651\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/2c876b4fc5d89ce925b1403e239c7d162e39346b\"\u003e\u003ccode\u003e2c876b4\u003c/code\u003e\u003c/a\u003e fix(common): avoid injecting ApplicationRef in FetchBackend (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61649\"\u003e#61649\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/8e54b5773f8f74bdd2e2c0a4c89c84543c99b834\"\u003e\u003ccode\u003e8e54b57\u003c/code\u003e\u003c/a\u003e build: move private testing helpers outside \u003ccode\u003eplatform-browser/testing\u003c/code\u003e (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61571\"\u003e#61571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/2b1b14f4d3751b9b3c351ddc412ecdcb2aea4781\"\u003e\u003ccode\u003e2b1b14f\u003c/code\u003e\u003c/a\u003e fix(core): cleanup \u003ccode\u003erxResource\u003c/code\u003e abort listener (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/58306\"\u003e#58306\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/126efc9972e18806e71977d51a55f8ec2f0514d6\"\u003e\u003ccode\u003e126efc9\u003c/code\u003e\u003c/a\u003e fix(common): cancel reader when app is destroyed (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61528\"\u003e#61528\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/efda8724535a8560a64b28cc2bf81df5931af686\"\u003e\u003ccode\u003eefda872\u003c/code\u003e\u003c/a\u003e fix(common): prevent reading chunks if app is destroyed (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61354\"\u003e#61354\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/c43fd3a39c8d7b6ab23037a87456f6acfb4eb08f\"\u003e\u003ccode\u003ec43fd3a\u003c/code\u003e\u003c/a\u003e build: migrate common to use rules_js based toolchain (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61434\"\u003e#61434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/185b7801ee0eede67f0ca5a501833eb4f392098b\"\u003e\u003ccode\u003e185b780\u003c/code\u003e\u003c/a\u003e build: migrate \u003ccode\u003epackages/core/schematics\u003c/code\u003e to \u003ccode\u003ets_project\u003c/code\u003e (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/common/issues/61420\"\u003e#61420\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/19.2.16/packages/common\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~google-wombot\"\u003egoogle-wombot\u003c/a\u003e, a new releaser for \u003ccode\u003e@​angular/common\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@angular/core` from 7.2.14 to 19.2.20\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e@​angular/core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.20\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5be912eb55fe88e8621e2ce82470d51b7d950ceb\"\u003e\u003cimg src=\"https://img.shields.io/badge/5be912eb55-fix-green\" alt=\"fix - 5be912eb55\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b89b0a83a4d21bbb6f8534bbf56aece12af24595\"\u003e\u003cimg src=\"https://img.shields.io/badge/b89b0a83a4-fix-green\" alt=\"fix - b89b0a83a4\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize translated attribute bindings with interpolations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/621c7071adffbe5dd45a5c954b6b6138e0870844\"\u003e\u003cimg src=\"https://img.shields.io/badge/621c7071ad-fix-green\" alt=\"fix - 621c7071ad\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.19\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/747548721d051c21e388a302d20d53fb3ab16367\"\u003e\u003cimg src=\"https://img.shields.io/badge/747548721d-fix-green\" alt=\"fix - 747548721d\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eblock creation of sensitive URI attributes from ICU messages\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAngular now only applies known attributes from HTML in translated ICU content. Unknown attributes are dropped and not rendered.\u003c/p\u003e\n\u003cp\u003e(cherry picked from commit 03da204b6daa5e4583e0d0968c2107390bbd8235)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e19.2.18\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003cimg src=\"https://img.shields.io/badge/26cdc53d9c-fix-green\" alt=\"fix - 26cdc53d9c\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.17\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003cimg src=\"https://img.shields.io/badge/7c42e2ebeb-fix-green\" alt=\"fix - 7c42e2ebeb\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.16\u003c/h2\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003cimg src=\"https://img.shields.io/badge/05fe6686a9-fix-green\" alt=\"fix - 05fe6686a9\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e@​angular/core's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e19.2.20 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5be912eb55fe88e8621e2ce82470d51b7d950ceb\"\u003e5be912eb55\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/b89b0a83a4d21bbb6f8534bbf56aece12af24595\"\u003eb89b0a83a4\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated attribute bindings with interpolations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/621c7071adffbe5dd45a5c954b6b6138e0870844\"\u003e621c7071ad\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e20.3.18 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/02fbf08890ec6ac2efb6c2ec4f17e56497cb81d2\"\u003e02fbf08890\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/72126f9a08c185a9b93461bab67841c4e84c9b17\"\u003e72126f9a08\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated attribute bindings with interpolations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/626bc8bc20e485cad2094c4a5d9417fb9a71dda8\"\u003e626bc8bc20\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e22.0.0-next.3 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/78dea55351fb305b33a919c43a6b363137eca166\"\u003e78dea55351\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/999c14eaab981d12bf2b1d9b1fd6766157f7b1cc\"\u003e999c14eaab\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ereverts \u0026quot;feat(core): add support for nested animations\u0026quot;\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/de0eb4c6566011e1a34d529a273ec3d5b6bf17d5\"\u003ede0eb4c656\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize translated form attributes\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.2.4 (2026-03-12)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ed2d324f9cc12aab6cfa0569ef10b73243a62c65\"\u003eed2d324f9c\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003edisallow translations of iframe src\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/621c7071adffbe5dd45a5c954b6b6138e0870844\"\u003e\u003ccode\u003e621c707\u003c/code\u003e\u003c/a\u003e fix(core): sanitize translated form attributes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/b89b0a83a4d21bbb6f8534bbf56aece12af24595\"\u003e\u003ccode\u003eb89b0a8\u003c/code\u003e\u003c/a\u003e fix(core): sanitize translated attribute bindings with interpolations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/747548721d051c21e388a302d20d53fb3ab16367\"\u003e\u003ccode\u003e7475487\u003c/code\u003e\u003c/a\u003e fix(core): block creation of sensitive URI attributes from ICU messages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003ccode\u003e26cdc53\u003c/code\u003e\u003c/a\u003e fix(core): sanitize sensitive attributes on SVG script elements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003ccode\u003e7c42e2e\u003c/code\u003e\u003c/a\u003e fix(compiler): prevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/70d0639bc19e376af1a0491898f54a026d3227e2\"\u003e\u003ccode\u003e70d0639\u003c/code\u003e\u003c/a\u003e fix(core): introduce \u003ccode\u003eBootstrapContext\u003c/code\u003e for improved server bootstrapping (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/6\"\u003e#6\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/73d3e001d2a2fa3218d769c0834c12a762d86882\"\u003e\u003ccode\u003e73d3e00\u003c/code\u003e\u003c/a\u003e build: fix failing test (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/61683\"\u003e#61683\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/9e1cd4966202d89c7310ab84c50b2c4231a0213e\"\u003e\u003ccode\u003e9e1cd49\u003c/code\u003e\u003c/a\u003e fix(migrations): preserve comments when removing unused imports (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/61674\"\u003e#61674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/a6d5479cc75a91447daf3877d62b68a5740d3c74\"\u003e\u003ccode\u003ea6d5479\u003c/code\u003e\u003c/a\u003e build: migrate platform-server to rules_js (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/core/issues/61619\"\u003e#61619\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/2a269449745c836e4b99215e36ea10fbe87e9e21\"\u003e\u003ccode\u003e2a26944\u003c/code\u003e\u003c/a\u003e build: migrate platform-browser and platform-browser-dynamic package to use r...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/v19.2.20/packages/core\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~google-wombot\"\u003egoogle-wombot\u003c/a\u003e, a new releaser for \u003ccode\u003e@​angular/core\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@angular/compiler` from 7.2.14 to 19.2.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/releases\"\u003e@​angular/compiler's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e19.2.18\u003c/h2\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003cimg src=\"https://img.shields.io/badge/26cdc53d9c-fix-green\" alt=\"fix - 26cdc53d9c\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.17\u003c/h2\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003cimg src=\"https://img.shields.io/badge/7c42e2ebeb-fix-green\" alt=\"fix - 7c42e2ebeb\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch2\u003e19.2.16\u003c/h2\u003e\n\u003ch3\u003ehttp\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc\"\u003e\u003cimg src=\"https://img.shields.io/badge/05fe6686a9-fix-green\" alt=\"fix - 05fe6686a9\" /\u003e\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eprevent XSRF token leakage to protocol-relative URLs\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/angular/angular/blob/main/CHANGELOG.md\"\u003e@​angular/compiler's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e19.2.18 (2026-01-07)\u003c/h1\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e26cdc53d9c\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.0.7 (2026-01-07)\u003c/h1\u003e\n\u003ch3\u003ecompiler\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/8e808740c9311daa0f1c9bab8596ed5e54bdcc6a\"\u003e8e808740c9\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ebetter types for a few expression AST nodes\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/63b1cdcf70e6de448e8fa4ba1732d7bd7b5400d1\"\u003e63b1cdcf70\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eproduce accurate span for typeof and void expressions\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/3c3ae0cb64bb112d7167fd9b0bf7739f0c9e6a39\"\u003e3c3ae0cb64\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eprovide location information for literal map keys\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/523dbaf1c3646ce27f1cf2e4cfc84c730fea8da9\"\u003e523dbaf1c3\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003estop ThisReceiver inheritance from ImplicitReceiver\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecompiler-cli\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/4d9c4567edfb8dd424a3336ef54ffdfc6ca7c15f\"\u003e4d9c4567ed\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eensure component import diagnostics are reported within the \u003ccode\u003eimports\u003c/code\u003e expression\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/cd405685afbfad530de7fb841ad352d2b702a9a4\"\u003ecd405685af\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003efix up spelling of diagnostic\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/778460fccac13d8667bb53fa24ba977a930c0253\"\u003e778460fcca\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esupport qualified names in \u003ccode\u003etypeof\u003c/code\u003e type references\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003ecore\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c74674eb07491f808f79976e3e21787a841aefb\"\u003e7c74674eb0\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eavoid leaking view data in animations\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/0edbee4550e85b933e9bd2ba3c5511ef6fbf7304\"\u003e0edbee4550\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eexplicitly cast signal node value to String\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/f9c29572d28feef878c73edad562b3a6451825a6\"\u003ef9c29572d2\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esanitize sensitive attributes on SVG script elements\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003eforms\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/e3fba182f90a2673040cf267a970c54c07d4840f\"\u003ee3fba182f9\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efeat\u003c/td\u003e\n\u003ctd\u003eadd \u003ccode\u003e[formField]\u003c/code\u003e directive\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/561772b152458e1d91d4bf3ef45d9645a731f2b1\"\u003e561772b152\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow custom controls to require \u003ccode\u003edirty\u003c/code\u003e input\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/f0fb1d8581671ca499bcb4790b0549825eb36a91\"\u003ef0fb1d8581\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow custom controls to require \u003ccode\u003ehidden\u003c/code\u003e input\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ec110f170bbba95f023c8ae0e4429c35bfedc572\"\u003eec110f170b\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eallow custom controls to require \u003ccode\u003epending\u003c/code\u003e input\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/ae1dc16bb0d30b6e87b0f98b7989e6685d856e31\"\u003eae1dc16bb0\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eclean up abort listener after timeout\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/9748b0d5da6ffb1fd2498b23cc452240f46e0549\"\u003e9748b0d5da\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003esupport custom controls with non signal-based models\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/6bd22df987e433a9e3cb759e35eb6403991cf4b7\"\u003e6bd22df987\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eSupport readonly arrays in signal forms\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003ch3\u003erouter\u003c/h3\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eCommit\u003c/th\u003e\n\u003cth\u003eType\u003c/th\u003e\n\u003cth\u003eDescription\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/41cd4a6af800cf7807c46862c99ae036457d8fa7\"\u003e41cd4a6af8\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003eFix RouterLink href not updating with \u003ccode\u003equeryParamsHandling\u003c/code\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://github.com/angular/angular/commit/5e9e09aee0c08901d2a4d48b60bd13692c73e76e\"\u003e5e9e09aee0\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003efix\u003c/td\u003e\n\u003ctd\u003ehandle errors from view transition \u003ccode\u003eupdateCallbackDone\u003c/code\u003e promise\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e21.0.6 (2025-12-17)\u003c/h1\u003e\n\u003ch2\u003eBreaking Changes (affecting only experimental features)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/26cdc53d9cf99ec41ffc0c71f58f8a14efc828d9\"\u003e\u003ccode\u003e26cdc53\u003c/code\u003e\u003c/a\u003e fix(core): sanitize sensitive attributes on SVG script elements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/7c42e2ebebc135e9949a9e9a0295ef3ccf261b82\"\u003e\u003ccode\u003e7c42e2e\u003c/code\u003e\u003c/a\u003e fix(compiler): prevent XSS via SVG animation \u003ccode\u003eattributeName\u003c/code\u003e and MathML/SVG URLs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/24bab55f0c89c4fe6037780fd7b2e8c8aa5429b2\"\u003e\u003ccode\u003e24bab55\u003c/code\u003e\u003c/a\u003e fix(compiler): lexer support for template literals in object literals (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61601\"\u003e#61601\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/fc2483e7e96f8a26293f6862cbd27417b4e40809\"\u003e\u003ccode\u003efc2483e\u003c/code\u003e\u003c/a\u003e refactor(compiler): avoid duplication between \u003ccode\u003eFactoryTarget\u003c/code\u003e type (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61571\"\u003e#61571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/8e54b5773f8f74bdd2e2c0a4c89c84543c99b834\"\u003e\u003ccode\u003e8e54b57\u003c/code\u003e\u003c/a\u003e build: move private testing helpers outside \u003ccode\u003eplatform-browser/testing\u003c/code\u003e (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61571\"\u003e#61571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/44bb328eaea028524206d0d2b9f12702c9bf3861\"\u003e\u003ccode\u003e44bb328\u003c/code\u003e\u003c/a\u003e fix(compiler): avoid conflicts between HMR code and local symbols (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61550\"\u003e#61550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/1007079aeea013291900109c86fab36c9cac50c4\"\u003e\u003ccode\u003e1007079\u003c/code\u003e\u003c/a\u003e build: update compiler-cli to not be stamped when used for the compiler in ng...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/0d025c5013292fdba65d91982ae8aaee61583d57\"\u003e\u003ccode\u003e0d025c5\u003c/code\u003e\u003c/a\u003e build: support new \u003ccode\u003eng_project\u003c/code\u003e rule (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61336\"\u003e#61336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/899cb4ab49e284185f2093f2b48f1adba8cb3d47\"\u003e\u003ccode\u003e899cb4a\u003c/code\u003e\u003c/a\u003e refactor: add explicit types for exports relying on inferred call return type...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/angular/angular/commit/1312eb1600648c94a0063667c2095165462f27ef\"\u003e\u003ccode\u003e1312eb1\u003c/code\u003e\u003c/a\u003e build: remove irrelevant madge circular deps tests (\u003ca href=\"https://github.com/angular/angular/tree/HEAD/packages/compiler/issues/61209\"\u003e#61209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/angular/angular/commits/v19.2.18/packages/compiler\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~google-wombot\"\u003egoogle-wombot\u003c/a\u003e, a new releaser for \u003ccode\u003e@​angular/compiler\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `@babel/traverse` from 7.4.4 to 7.29.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/babel/babel/releases\"\u003e@​babel/traverse's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.29.0 (2026-01-31)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e for your first PR!\u003c/p\u003e\n\u003ch4\u003e:rocket: New Feature\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17750\"\u003e#17750\u003c/a\u003e [7.x backport] Add attributes import declaration builder (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17663\"\u003e#17663\u003c/a\u003e [7.x backport] feat(standalone): export async transform (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17725\"\u003e#17725\u003c/a\u003e [7.x backport] feat: read standalone targets from data-targets (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-parser\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17765\"\u003e#17765\u003c/a\u003e fix(parser): correctly parse type assertions in \u003ccode\u003eextends\u003c/code\u003e clause (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17723\"\u003e#17723\u003c/a\u003e [7.x backport] fix(parser): improve super type argument parsing (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17708\"\u003e#17708\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-block-scoping\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17737\"\u003e#17737\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:running_woman: Performance\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-generator\u003c/code\u003e, \u003ccode\u003ebabel-runtime-corejs3\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17642\"\u003e#17642\u003c/a\u003e [Babel 7] Improve generator performance (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eCommitters: 6\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDavid (\u003ca href=\"https://github.com/simbahax\"\u003e\u003ccode\u003e@​simbahax\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHuáng Jùnliàng (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNicolò Ribaudo (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magic-akari\"\u003e\u003ccode\u003e@​magic-akari\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev7.28.6 (2026-01-12)\u003c/h2\u003e\n\u003cp\u003eThanks \u003ca href=\"https://github.com/kadhirash\"\u003e\u003ccode\u003e@​kadhirash\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/kolvian\"\u003e\u003ccode\u003e@​kolvian\u003c/code\u003e\u003c/a\u003e for your first PRs!\u003c/p\u003e\n\u003ch4\u003e:bug: Bug Fix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-cli\u003c/code\u003e, \u003ccode\u003ebabel-code-frame\u003c/code\u003e, \u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-helper-check-duplicate-nodes\u003c/code\u003e, \u003ccode\u003ebabel-helper-fixtures\u003c/code\u003e, \u003ccode\u003ebabel-helper-plugin-utils\u003c/code\u003e, \u003ccode\u003ebabel-node\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-flow-comments\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-modules-commonjs\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-property-mutators\u003c/code\u003e, \u003ccode\u003ebabel-preset-env\u003c/code\u003e, \u003ccode\u003ebabel-traverse\u003c/code\u003e, \u003ccode\u003ebabel-types\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17589\"\u003e#17589\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-regenerator\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17556\"\u003e#17556\u003c/a\u003e fix: \u003ccode\u003etransform-regenerator\u003c/code\u003e correctly handles scope (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-transform-react-jsx\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17538\"\u003e#17538\u003c/a\u003e fix: Keep jsx comments (\u003ca href=\"https://github.com/liuxingbaoyu\"\u003e\u003ccode\u003e@​liuxingbaoyu\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:nail_care: Polish\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-core\u003c/code\u003e, \u003ccode\u003ebabel-standalone\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17606\"\u003e#17606\u003c/a\u003e Polish(standalone): improve message on invalid preset/plugin (\u003ca href=\"https://github.com/JLHwung\"\u003e\u003ccode\u003e@​JLHwung\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e:house: Internal\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ebabel-plugin-bugfix-v8-static-class-fields-redefine-readonly\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-attributes-to-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-proposal-import-wasm-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-async-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-decorators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-destructuring-private\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-do-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-export-default-from\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-flow\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-bind\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-function-sent\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-assertions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-attributes\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-defer\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-import-source\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-jsx\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-module-blocks\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-optional-chaining-assign\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-partial-application\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-pipeline-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-throw-expressions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-syntax-typescript\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-generator-functions\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-async-to-generator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-properties\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-class-static-block\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-dotall-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-duplicate-named-capturing-groups-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-explicit-resource-management\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-exponentiation-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-json-strings\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-logical-assignment-operators\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-nullish-coalescing-operator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-numeric-separator\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-object-rest-spread\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-catch-binding\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-optional-chaining\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-methods\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-private-property-in-object\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-regexp-modifiers\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-property-regex\u003c/code\u003e, \u003ccode\u003ebabel-plugin-transform-unicode-sets-regex\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/babel/babel/pull/17580\"\u003e#17580\u003c/a\u003e Allow Babel 8 in compatible Babel 7 plugins (\u003ca href=\"https://github.com/nicolo-ribaudo\"\u003e\u003ccode\u003e@​nicolo-ribaudo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aa8394e454337d118ac3d40bfa3ee1a3cb3f3ed2\"\u003e\u003ccode\u003eaa8394e\u003c/code\u003e\u003c/a\u003e v7.29.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/84366a8ea453814e732784db74cf2e2b6635eb6f\"\u003e\u003ccode\u003e84366a8\u003c/code\u003e\u003c/a\u003e fix(traverse): provide a hub when traversing a File or Program and no parentP...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/229eb452c5d5d2be0dc138ec2956aff7ff1057d7\"\u003e\u003ccode\u003e229eb45\u003c/code\u003e\u003c/a\u003e [7.x backport] fix: Rename switch discriminant references when body creates s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/d7f400889567ae18ef9ac41b024b5120f6060e17\"\u003e\u003ccode\u003ed7f4008\u003c/code\u003e\u003c/a\u003e v7.28.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/905bc22b2fff23673eabe467815c67b29bf8bba2\"\u003e\u003ccode\u003e905bc22\u003c/code\u003e\u003c/a\u003e fix: lint errors in main branch (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17612\"\u003e#17612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/a03e2b63ae530674e866b60350b7eb4a5fcb5f59\"\u003e\u003ccode\u003ea03e2b6\u003c/code\u003e\u003c/a\u003e fix: \u003ccode\u003epath.evaluate\u003c/code\u003e correctly returns \u003ccode\u003econfident\u003c/code\u003e (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17584\"\u003e#17584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/aac2c37e11ad58905f7f9606103074e80bacbbcd\"\u003e\u003ccode\u003eaac2c37\u003c/code\u003e\u003c/a\u003e chore: Use Gulpfile.mts (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17579\"\u003e#17579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/65c4a6b3ee0e1d32801529e841572bb22534e1f3\"\u003e\u003ccode\u003e65c4a6b\u003c/code\u003e\u003c/a\u003e [Babel 8] fix: Improve \u003ccode\u003etraverse\u003c/code\u003e types (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17574\"\u003e#17574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/99dcba5e71de3bd81ce14077cfa5b6df58e9b177\"\u003e\u003ccode\u003e99dcba5\u003c/code\u003e\u003c/a\u003e chore: enable some ts-eslint rules (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17592\"\u003e#17592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/babel/babel/commit/c92c4919771105140015167f25f7bacac77c90d9\"\u003e\u003ccode\u003ec92c491\u003c/code\u003e\u003c/a\u003e Improve Unicode handling in code-frame tokenizer (\u003ca href=\"https://github.com/babel/babel/tree/HEAD/packages/babel-traverse/issues/17589\"\u003e#17589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/babel/babel/commits/v7.29.0/packages/babel-traverse\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for \u003ccode\u003e@​babel/traverse\u003c/code\u003e since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `body-parser` from 1.18.3 to 1.20.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/releases\"\u003ebody-parser's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.20.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThe reason for this release is a fix to the extended urlencoded parser returning objects instead of arrays for large array inputs (\u0026gt; 100) on qs@6.14.2+. (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/692\"\u003eexpressjs/body-parser#692\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: correct off-by-one error in parameterCount by \u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps(qs): bump qs to 6.15.1 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/722\"\u003eexpressjs/body-parser#722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.5 by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/721\"\u003eexpressjs/body-parser#721\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/abhu85\"\u003e\u003ccode\u003e@​abhu85\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/716\"\u003eexpressjs/body-parser#716\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSpecial thanks to triager \u003ca href=\"https://github.com/krzysdz\"\u003e\u003ccode\u003e@​krzysdz\u003c/code\u003e\u003c/a\u003e for keeping this on our radar and effectively triaging the specific issue!\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.4...1.20.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove redundant depth check by \u003ca href=\"https://github.com/blakeembrey\"\u003e\u003ccode\u003e@​blakeembrey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/538\"\u003eexpressjs/body-parser#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js v23 by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/553\"\u003eexpressjs/body-parser#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: restore CI for 1.x branch by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/665\"\u003eexpressjs/body-parser#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@^6.14.0 by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/664\"\u003eexpressjs/body-parser#664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation and update certain dependencies by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/668\"\u003eexpressjs/body-parser#668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove SECURITY.md by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/669\"\u003eexpressjs/body-parser#669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add CodeQL (SAST) by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/670\"\u003eexpressjs/body-parser#670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.4 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/672\"\u003eexpressjs/body-parser#672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\"\u003ehttps://github.com/expressjs/body-parser/compare/1.20.3...1.20.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e1.20.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eImportant\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eIMPORTANT:\u003c/strong\u003e The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e). \u003ca href=\"https://github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth\"\u003eDocumentation\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOther changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: add support for OSSF scorecard reporting by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/522\"\u003eexpressjs/body-parser#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: fix errors in ci github action for node 8 and 9 by \u003ca href=\"https://github.com/inigomarquinez\"\u003e\u003ccode\u003e@​inigomarquinez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/523\"\u003eexpressjs/body-parser#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: pin to node@22.4.1 by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/527\"\u003eexpressjs/body-parser#527\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.12.3 by \u003ca href=\"https://github.com/melikhov-dev\"\u003e\u003ccode\u003e@​melikhov-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/521\"\u003eexpressjs/body-parser#521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd OSSF Scorecard badge by \u003ca href=\"https://github.com/bjohansebas\"\u003e\u003ccode\u003e@​bjohansebas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/531\"\u003eexpressjs/body-parser#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLinter by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/534\"\u003eexpressjs/body-parser#534\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 1.20.3 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/body-parser/pull/535\"\u003eexpressjs/body-parser#535\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/body-parser/blob/1.20.5/HISTORY.md\"\u003ebody-parser's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.20.5 / 2026-04-24\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003erefactor(json): simplify strict mode error string construction\u003c/li\u003e\n\u003cli\u003efix: extended urlencoded parsing of arrays with \u0026gt;100 elements (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.4 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@~6.14.0\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: http-errors@~2.0.1\u003c/li\u003e\n\u003cli\u003edeps: raw-body@~2.5.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.3 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003edepth\u003c/code\u003e option to customize the depth level in the parser\u003c/li\u003e\n\u003cli\u003eIMPORTANT: The default \u003ccode\u003edepth\u003c/code\u003e level for parsing URL-encoded data is now \u003ccode\u003e32\u003c/code\u003e (previously was \u003ccode\u003eInfinity\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.2 / 2023-02-21\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix strict json error message on Node.js 19+\u003c/li\u003e\n\u003cli\u003edeps: content-type@~1.0.5\n\u003cul\u003e\n\u003cli\u003eperf: skip value escaping when unnecessary\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: raw-body@2.5.2\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.1 / 2022-10-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: qs@6.11.0\u003c/li\u003e\n\u003cli\u003eperf: remove unnecessary object clone\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.20.0 / 2022-04-02\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix error message for json parse whitespace in \u003ccode\u003estrict\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix internal error when inflated body exceeds limit\u003c/li\u003e\n\u003cli\u003ePrevent loss of async hooks context\u003c/li\u003e\n\u003cli\u003ePrevent hanging when request already read\u003c/li\u003e\n\u003cli\u003edeps: depd@2.0.0\n\u003cul\u003e\n\u003cli\u003eReplace internal \u003ccode\u003eeval\u003c/code\u003e usage with \u003ccode\u003eFunction\u003c/code\u003e constructor\u003c/li\u003e\n\u003cli\u003eUse instance methods on \u003ccode\u003eprocess\u003c/code\u003e to check for listeners\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: http-errors@2.0.0\n\u003cul\u003e\n\u003cli\u003edeps: depd@2.0.0\u003c/li\u003e\n\u003cli\u003edeps: statuses@2.0.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: on-finished@2.4.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.10.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/0defdbe7f95ad0d3bc007d3a7c59c8c0ab9e6575\"\u003e\u003ccode\u003e0defdbe\u003c/code\u003e\u003c/a\u003e release(patch): 1.20.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/cd0e7a000c53e7be7262d303e57a352b6a00db7f\"\u003e\u003ccode\u003ecd0e7a0\u003c/code\u003e\u003c/a\u003e deps(qs): bump qs to 6.15.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6f24d7e8bcd9860b136920926ce86da1a7dd1d51\"\u003e\u003ccode\u003e6f24d7e\u003c/code\u003e\u003c/a\u003e fix: correct off-by-one error in parameterCount (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/b849bd533d8b4abf5576a3e301f28d9befa05ddd\"\u003e\u003ccode\u003eb849bd5\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/690\"\u003e#690\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/2c55e2f712f320a8e8d0f9fcb1d06526d0e401c9\"\u003e\u003ccode\u003e2c55e2f\u003c/code\u003e\u003c/a\u003e refactor(json): simplify strict mode error string construction (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/7db202cac84a001e6566c2dc6516b44db98beff3\"\u003e\u003ccode\u003e7db202c\u003c/code\u003e\u003c/a\u003e 1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/672\"\u003e#672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/d8f8adb898676dfdf997b4455e5f9b689b53e989\"\u003e\u003ccode\u003ed8f8adb\u003c/code\u003e\u003c/a\u003e ci: add CodeQL (SAST) (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/6d133c19b3e7c0bb8301959ca1dba283d23d23c3\"\u003e\u003ccode\u003e6d133c1\u003c/code\u003e\u003c/a\u003e chore: remove SECURITY.md (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/669\"\u003e#669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/fcd15355041ada6f37288dd13858d50429016b66\"\u003e\u003ccode\u003efcd1535\u003c/code\u003e\u003c/a\u003e deps: use tilde notation and update certain dependencies (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/668\"\u003e#668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/body-parser/commit/ec5fa290d25d85e0049757e240249072331eaee6\"\u003e\u003ccode\u003eec5fa29\u003c/code\u003e\u003c/a\u003e deps: qs@~6.14.0 (\u003ca href=\"https://redirect.github.com/expressjs/body-parser/issues/664\"\u003e#664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/body-parser/compare/1.18.3...1.20.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for body-parser since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `express` from 4.16.4 to 4.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/releases\"\u003eexpress's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.22.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/suuuuuuminnnnnn\"\u003e\u003ccode\u003e@​suuuuuuminnnnnn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7021\"\u003eexpressjs/express#7021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SAY-5\"\u003e\u003ccode\u003e@​SAY-5\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/7181\"\u003eexpressjs/express#7181\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/v4.22.1...v4.22.2\"\u003ehttps://github.com/expressjs/express/compare/v4.22.1...v4.22.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.22.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\u003cbr /\u003e\nThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cul\u003e\n\u003cli\u003eRelease: 4.22.1 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6934\"\u003eexpressjs/express#6934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.22.0...v4.22.1\"\u003ehttps://github.com/expressjs/express/compare/4.22.0...v4.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.22.0\u003c/h2\u003e\n\u003ch2\u003eImportant: Security\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRefactor: improve readability by \u003ca href=\"https://github.com/sazk07\"\u003e\u003ccode\u003e@​sazk07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6190\"\u003eexpressjs/express#6190\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add support for Node.js@23.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6080\"\u003eexpressjs/express#6080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMethod functions with no path should error by \u003ca href=\"https://github.com/wesleytodd\"\u003e\u003ccode\u003e@​wesleytodd\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/5957\"\u003eexpressjs/express#5957\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: updated github actions ci workflow by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6323\"\u003eexpressjs/express#6323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: reorder \u003ccode\u003enpm i\u003c/code\u003e steps to fix ci for older node versions by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6336\"\u003eexpressjs/express#6336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport: ci: add node.js 24 to test matrix by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6506\"\u003eexpressjs/express#6506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(4.x): wider range for query test skip by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6513\"\u003eexpressjs/express#6513\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse tilde notation for certain dependencies by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6905\"\u003eexpressjs/express#6905\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6909\"\u003eexpressjs/express#6909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for \u003ccode\u003eqs\u003c/code\u003e by \u003ca href=\"https://github.com/Phillip9587\"\u003e\u003ccode\u003e@​Phillip9587\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6919\"\u003eexpressjs/express#6919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: 4.22.0 by \u003ca href=\"https://github.com/UlisesGascon\"\u003e\u003ccode\u003e@​UlisesGascon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/expressjs/express/pull/6921\"\u003eexpressjs/express#6921\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/expressjs/express/compare/4.21.2...4.22.0\"\u003ehttps://github.com/expressjs/express/compare/4.21.2...4.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.21.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/expressjs/express/blob/v4.22.2/History.md\"\u003eexpress's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.22.2 / 2026-05-011\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore \u0026gt;20 array parsing for \u003ccode\u003ereq.query\u003c/code\u003e repeated keys (\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe6\u003c/code\u003e\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis also unifies array-cap behavior across notations. Indexed notation (\u003ccode\u003ea[0]=...\u003c/code\u003e) was historically capped at qs's default \u003ccode\u003earrayLimit\u003c/code\u003e of 20 even in older qs versions; after this change it also allows up to 1000 items.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: qs@~6.15.1\u003c/li\u003e\n\u003cli\u003edeps: body-parser@~1.20.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.1 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRevert security fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThe prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.22.0 / 2025-12-01\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity fix for \u003ca href=\"https://www.cve.org/CVERecord?id=CVE-2024-51999\"\u003eCVE-2024-51999\u003c/a\u003e (\u003ca href=\"https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6\"\u003eGHSA-pj86-cfqh-vqx6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edeps: use tilde notation for dependencies\u003c/li\u003e\n\u003cli\u003edeps: qs@6.14.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.2 / 2024-11-06\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.12\n\u003cul\u003e\n\u003cli\u003eFix backtracking protection\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: path-to-regexp@0.1.11\n\u003cul\u003e\n\u003cli\u003eThrows an error on invalid path values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.1 / 2024-10-08\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eBackported a fix for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2024-47764\"\u003eCVE-2024-47764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.21.0 / 2024-09-11\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eres.location(\u0026quot;back\u0026quot;)\u003c/code\u003e and \u003ccode\u003eres.redirect(\u0026quot;back\u0026quot;)\u003c/code\u003e magic string\u003c/li\u003e\n\u003cli\u003edeps: serve-static@1.16.2\n\u003cul\u003e\n\u003cli\u003eincludes send@0.19.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: finalhandler@1.3.1\u003c/li\u003e\n\u003cli\u003edeps: qs@6.13.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.20.0 / 2024-09-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003edeps: serve-static@0.16.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: send@0.19.0\n\u003cul\u003e\n\u003cli\u003eRemove link renderization in html while redirecting\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edeps: body-parser@0.6.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97\"\u003e\u003ccode\u003edf0abc9\u003c/code\u003e\u003c/a\u003e 4.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec\"\u003e\u003ccode\u003e836d366\u003c/code\u003e\u003c/a\u003e \u003ccode\u003e4.x\u003c/code\u003e update qs to 6.15.1, body-parser 1.20.5 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7224\"\u003e#7224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db\"\u003e\u003ccode\u003e8d09bfe\u003c/code\u003e\u003c/a\u003e fix: restore array parsing for req.query repeated keys (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7181\"\u003e#7181\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d\"\u003e\u003ccode\u003ed39e8ad\u003c/code\u003e\u003c/a\u003e deps: body-parser@~1.20.4 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/7021\"\u003e#7021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48\"\u003e\u003ccode\u003eefe85d9\u003c/code\u003e\u003c/a\u003e deps: qs@^6.14.1 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6972\"\u003e#6972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762\"\u003e\u003ccode\u003ef62378e\u003c/code\u003e\u003c/a\u003e 📝 add note to history\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/12fae14531a78f19a2caaa5d4f58d9b01eaf3194\"\u003e\u003ccode\u003e12fae14\u003c/code\u003e\u003c/a\u003e 4.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/5ddf311af32e772a77fd48b6266ce2f1ba330e1a\"\u003e\u003ccode\u003e5ddf311\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;sec: security patch for CVE-2024-51999\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/49744abd1120484fe64d7bde1cd3197c32523b6e\"\u003e\u003ccode\u003e49744ab\u003c/code\u003e\u003c/a\u003e 4.22.0 (\u003ca href=\"https://redirect.github.com/expressjs/express/issues/6921\"\u003e#6921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/expressjs/express/commit/6e97452f600a3b01719fbc5517d833c7646b0bb7\"\u003e\u003ccode\u003e6e97452\u003c/code\u003e\u003c/a\u003e sec: security patch for CVE-2024-51999\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/expressjs/express/compare/4.16.4...v4.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~jonchurch\"\u003ejonchurch\u003c/a\u003e, a new releaser for express since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `browserify-sign` from 4.0.4 to 4.2.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md\"\u003ebrowserify-sign's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.4...v4.2.5\"\u003ev4.2.5\u003c/a\u003e - 2025-09-24\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] clean up tests and convert console info skips to tape skips \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37b083c602fb6fcd99e0856cba8859dc6f073f3c\"\u003e\u003ccode\u003e37b083c\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] restore node 0.10 support \u003ca href=\"https://github.com/browserify/browserify-sign/commit/faade86fe051fc0fb1b59e3694a566116e1e79a7\"\u003e\u003ccode\u003efaade86\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5a0f159e1d32b5c1088a75dceb301afaf40446f9\"\u003e\u003ccode\u003e5a0f159\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] drop unsupported nodes from CI \u003ca href=\"https://github.com/browserify/browserify-sign/commit/106be97da87f296f187c44b9ee857384153b5068\"\u003e\u003ccode\u003e106be97\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.3...v4.2.4\"\u003ev4.2.4\u003c/a\u003e - 2025-09-22\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[actions] split out node 10-20, and 20+ \u003ca href=\"https://github.com/browserify/browserify-sign/commit/17920d944f04efee7ae2212e4339485ba306b723\"\u003e\u003ccode\u003e17920d9\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] remove \u003ccode\u003efiles\u003c/code\u003e field \u003ca href=\"https://github.com/browserify/browserify-sign/commit/6d5b280e0496201ba022874c864b0046a74eb45e\"\u003e\u003ccode\u003e6d5b280\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003ebn.js\u003c/code\u003e, \u003ccode\u003ebrowserify-rsa\u003c/code\u003e, \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/31be0c2459e1aad5158f72576c057603bf8527b6\"\u003e\u003ccode\u003e31be0c2\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003e@ljharb/eslint-config\u003c/code\u003e, \u003ccode\u003eauto-changelog\u003c/code\u003e, \u003ccode\u003esemver\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/5f6698211aa1d6dddaba8c245f40f63ae28924a3\"\u003e\u003ccode\u003e5f66982\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] replace \u003ccode\u003eaud\u003c/code\u003e with \u003ccode\u003enpm audit\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d44b24d8691d699ccc76780b106fe9c1bf0d1558\"\u003e\u003ccode\u003ed44b24d\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] add missing peer dep \u003ca href=\"https://github.com/browserify/browserify-sign/commit/ab975f4845ea5c931df037e7f0df60f045335ae7\"\u003e\u003ccode\u003eab975f4\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] revert 9e2bf12, now that v3.1.1 is out \u003ca href=\"https://github.com/browserify/browserify-sign/commit/428cf7f3f0d09f1b39312e5e51620ca684b5c1ac\"\u003e\u003ccode\u003e428cf7f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.2...v4.2.3\"\u003ev4.2.3\u003c/a\u003e - 2024-03-05\u003c/h2\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[patch] widen support to 0.12 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9247adfd261ededfec1c036c9d8f36c4e9f87c0e\"\u003e\u003ccode\u003e9247adf\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[patch] drop minimum node support to v1 \u003ca href=\"https://github.com/browserify/browserify-sign/commit/4d0ee49ae2dc238b877dce9aed7e23fb4cb5088d\"\u003e\u003ccode\u003e4d0ee49\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Dev Deps] update \u003ccode\u003eaud\u003c/code\u003e, \u003ccode\u003enpmignore\u003c/code\u003e, \u003ccode\u003etape\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/87f3a35a587b377da2c1987af8d41c57b5afe0a5\"\u003e\u003ccode\u003e87f3a35\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[actions] remove redundant finisher \u003ca href=\"https://github.com/browserify/browserify-sign/commit/37a475856843b7d1b2403fdafac0024ba252e579\"\u003e\u003ccode\u003e37a4758\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003ehash-base\u003c/code\u003e to ~3.0, due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9e2bf122b70970cb92f69d53e963f18299f14d66\"\u003e\u003ccode\u003e9e2bf12\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eparse-asn1 [\u003c/code\u003ef427270`](\u003ca href=\"https://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\"\u003ehttps://github.com/browserify/browserify-sign/commit/f427270ac11dc6be29f87d7afb046c16376a5a9c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Deps] update \u003ccode\u003eelliptic\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/fb261cea57f92b3d98bc4d8bc6228c43a5de2e91\"\u003e\u003ccode\u003efb261ce\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Deps] pin \u003ccode\u003eelliptic\u003c/code\u003e due to a breaking change \u003ca href=\"https://github.com/browserify/browserify-sign/commit/168e16fcb54886a0281b0c983e1482a097042684\"\u003e\u003ccode\u003e168e16f\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/browserify/browserify-sign/compare/v4.2.1...v4.2.2\"\u003ev4.2.2\u003c/a\u003e - 2023-10-25\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Tests] log when openssl doesn't support cipher \u003ca href=\"https://redirect.github.com/browserify/browserify-sign/issues/37\"\u003e\u003ccode\u003e[#37](https://github.com/crypto-browserify/browserify-sign/issues/37)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCommits\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOnly apps should have lockfiles \u003ca href=\"https://github.com/browserify/browserify-sign/commit/09a89959393b3c89fedd4f7f3bafa4fec44371d7\"\u003e\u003ccode\u003e09a8995\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[eslint] switch to eslint \u003ca href=\"https://github.com/browserify/browserify-sign/commit/83fe46374b819e959d56d2c0b931308f7451a664\"\u003e\u003ccode\u003e83fe463\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] add \u003ccode\u003enpmignore\u003c/code\u003e and \u003ccode\u003eauto-changelog\u003c/code\u003e \u003ca href=\"https://github.com/browserify/browserify-sign/commit/44181838e7dcc4d5d0c568f74312ea28f0bcdfd5\"\u003e\u003ccode\u003e4418183\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[meta] fix package.json indentation \u003ca href=\"https://github.com/browserify/browserify-sign/commit/9ac5a5eaaac8a11eb70ec2febd13745c8764ae02\"\u003e\u003ccode\u003e9ac5a5e\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Tests] migrate from travis to github actions \u003ca href=\"https://github.com/browserify/browserify-sign/commit/d845d855def38e2085d5a21e447a48300f99fa60\"\u003e\u003ccode\u003ed845d85\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] \u003ccode\u003esign\u003c/code\u003e: throw on unsupported padding scheme \u003ca href=\"https://github.com/browserify/browserify-sign/commit/8767739a4516289568bcce9fed8a3b7e23478de9\"\u003e\u003ccode\u003e8767739\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Fix] properly check the upper bound for DSA signatures \u003ca href=\"https:...\n\n_Description has been truncated_","html_url":"https://github.com/servrox/ionic4-device-motion/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/servrox%2Fionic4-device-motion/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"}},{"old_version":"0.6.0","new_version":"1.1.1","update_type":"major","path":null,"pr_created_at":"2026-05-15T00:30:58.000Z","version_change":"0.6.0 → 1.1.1","issue":{"uuid":"4450304816","node_id":"PR_kwDOLnV1v87bu_RQ","number":1141,"state":"closed","title":"chore(deps): bump the npm_and_yarn group across 2 directories with 8 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-05-15T00:31:05.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-15T00:30:58.000Z","updated_at":"2026-05-15T00:31:13.000Z","time_to_close":7,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"npm_and_yarn","update_count":8,"packages":[{"name":"mdast-util-to-hast","old_version":"13.2.0","new_version":"13.2.1","repository_url":"https://github.com/syntax-tree/mdast-util-to-hast"},{"name":"vite","old_version":"5.4.19","new_version":"8.0.13","repository_url":"https://github.com/vitejs/vite"},{"name":"vite","old_version":"5.4.21","new_version":"6.4.2","repository_url":"https://github.com/vitejs/vite"},{"name":"dompurify","old_version":"3.3.3","new_version":"3.4.0","repository_url":"https://github.com/cure53/DOMPurify"},{"name":"svelte","old_version":"5.55.1","new_version":"5.55.7","repository_url":"https://github.com/sveltejs/svelte"},{"name":"cookie","old_version":"0.6.0","new_version":"1.1.1","repository_url":"https://github.com/jshttp/cookie"},{"name":"devalue","old_version":"5.6.4","new_version":"5.8.1"},{"name":"picomatch","old_version":"4.0.3","new_version":"4.0.4"},{"name":"protocol-buffers-schema","old_version":"3.6.0","new_version":"3.6.1"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the /documentation directory: [mdast-util-to-hast](https://github.com/syntax-tree/mdast-util-to-hast).\nBumps the npm_and_yarn group with 4 updates in the /frontend directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite), [dompurify](https://github.com/cure53/DOMPurify), [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte) and [cookie](https://github.com/jshttp/cookie).\n\nUpdates `mdast-util-to-hast` from 13.2.0 to 13.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/releases\"\u003emdast-util-to-hast's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e13.2.1\u003c/h2\u003e\n\u003ch4\u003eFix\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eab3a795 Fix support for spaces in class names\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eTypes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eefb5312 Refactor to use \u003ccode\u003e@import\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003ea5bc210 Add declaration maps\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/compare/13.2.0...13.2.1\"\u003ehttps://github.com/syntax-tree/mdast-util-to-hast/compare/13.2.0...13.2.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/174795b21f7757fffb54dd8d5fb4012f4751f791\"\u003e\u003ccode\u003e174795b\u003c/code\u003e\u003c/a\u003e 13.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/3d05b3a715133df55689fe3753c2e47101315b4e\"\u003e\u003ccode\u003e3d05b3a\u003c/code\u003e\u003c/a\u003e Update Node in Actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/ab3a79570a1afbfa7efef5d4a0cd9b5caafbc5d7\"\u003e\u003ccode\u003eab3a795\u003c/code\u003e\u003c/a\u003e Fix support for spaces in class names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/efb531231020055e0dab7b39a18d80b569d5b566\"\u003e\u003ccode\u003eefb5312\u003c/code\u003e\u003c/a\u003e Refactor to use \u003ccode\u003e@import\u003c/code\u003es\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/a5bc210f1aa308e4c6141ac374893c9237fcd746\"\u003e\u003ccode\u003ea5bc210\u003c/code\u003e\u003c/a\u003e Add declaration maps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/commit/b54955d4e123b0167eac13646333c809bb8f301c\"\u003e\u003ccode\u003eb54955d\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003e.tsbuildinfo\u003c/code\u003e to \u003ccode\u003e.gitignore\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/syntax-tree/mdast-util-to-hast/compare/13.2.0...13.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 5.4.19 to 8.0.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.4.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.4.1\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.1/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.4.0\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.0/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.3.7\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.3.7/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.3.6\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.3.6/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.4.2 (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163\"\u003e#22163\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b\"\u003efe28e47\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22163\"\u003e#22163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b\"\u003eca4da5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22161\"\u003e#22161\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.4.1 (2025-10-20)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969\"\u003e#20969\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8\"\u003e1114b5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20968\"\u003e#20968\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20969\"\u003e#20969\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.4.0 (2025-10-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow passing down resolved config to vite's createServer (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932\"\u003e#20932\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a\"\u003eca6455e\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20932\"\u003e#20932\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.7 (2025-10-14)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940\"\u003e#20940\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff\"\u003ec59a222\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20940\"\u003e#20940\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.6 (2025-09-08)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/0ab19ea9fcb66f544328f442cf6e70f7c0528d5f\"\u003e0ab19ea\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20736\"\u003e#20736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: upgrade sirv to 3.0.2 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20735\"\u003e#20735\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/e11d24008b97d4ca731ecc1a3b95260a6d12e7e0\"\u003ee11d240\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20735\"\u003e#20735\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: detect ts support via \u003ccode\u003eprocess.features\u003c/code\u003e (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20544\"\u003e#20544\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/7d9922972b62329d37a71d4da5a4a382d0bf8a79\"\u003e7d99229\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20544\"\u003e#20544\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.5 (2025-05-05)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(ssr): handle uninitialized export access as undefined (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19959\"\u003e#19959\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/fd38d076fe2455aac1e00a7b15cd51159bf12bb5\"\u003efd38d07\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19959\"\u003e#19959\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.4 (2025-04-30)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c22c43de612eebb6c182dd67850c24e4fab8cacb\"\u003ec22c43d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19965\"\u003e#19965\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(optimizer): return plain object when using \u003ccode\u003erequire\u003c/code\u003e to import externals in optimized dependenci (\u003ca href=\"https://github.com/vitejs/vite/commit/efc5eab253419fde0a6a48b8d2f233063d6a9643\"\u003eefc5eab\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19940\"\u003e#19940\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: remove duplicate plugin context type (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19935\"\u003e#19935\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/d6d01c2292fa4f9603e05b95d81c8724314c20e0\"\u003ed6d01c2\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19935\"\u003e#19935\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.3 (2025-04-24)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: ignore malformed uris in tranform middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19853\"\u003e#19853\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/e4d520141bcd83ad61f16767348b4a813bf9340a\"\u003ee4d5201\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19853\"\u003e#19853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/6b3fad02abd550bd7b79934ff92c58dbd7f33045\"\u003e\u003ccode\u003e6b3fad0\u003c/code\u003e\u003c/a\u003e release: v6.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b\"\u003e\u003ccode\u003eca4da5d\u003c/code\u003e\u003c/a\u003e fix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b\"\u003e\u003ccode\u003efe28e47\u003c/code\u003e\u003c/a\u003e fix: apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163\"\u003e#22163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/5487f4f641f70c47ea05fd101a4319897df048b3\"\u003e\u003ccode\u003e5487f4f\u003c/code\u003e\u003c/a\u003e release: v6.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8\"\u003e\u003ccode\u003e1114b5d\u003c/code\u003e\u003c/a\u003e fix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969\"\u003e#20969\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f12697c0f64b9a37196b9ab218a0911829d5b103\"\u003e\u003ccode\u003ef12697c\u003c/code\u003e\u003c/a\u003e release: v6.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a\"\u003e\u003ccode\u003eca6455e\u003c/code\u003e\u003c/a\u003e feat: allow passing down resolved config to vite's createServer (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932\"\u003e#20932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/0e173d83681daa31be10fa8a62d56b1ec84690af\"\u003e\u003ccode\u003e0e173d8\u003c/code\u003e\u003c/a\u003e release: v6.3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff\"\u003e\u003ccode\u003ec59a222\u003c/code\u003e\u003c/a\u003e fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940\"\u003e#20940\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/3f337c5e24504e51188d29c970de1416ee523dbb\"\u003e\u003ccode\u003e3f337c5\u003c/code\u003e\u003c/a\u003e release: v6.3.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v6.4.2/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `vite` from 5.4.21 to 6.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/releases\"\u003evite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.4.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.4.1\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.1/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.4.0\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.0/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.3.7\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.3.7/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003ev6.3.6\u003c/h2\u003e\n\u003cp\u003ePlease refer to \u003ca href=\"https://github.com/vitejs/vite/blob/v6.3.6/packages/vite/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md\"\u003evite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.4.2 (2026-04-06)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163\"\u003e#22163\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b\"\u003efe28e47\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22159\"\u003e#22159\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22163\"\u003e#22163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b\"\u003eca4da5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/22161\"\u003e#22161\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.4.1 (2025-10-20)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969\"\u003e#20969\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8\"\u003e1114b5d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20968\"\u003e#20968\u003c/a\u003e \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20969\"\u003e#20969\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e6.4.0 (2025-10-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: allow passing down resolved config to vite's createServer (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932\"\u003e#20932\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a\"\u003eca6455e\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20932\"\u003e#20932\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.7 (2025-10-14)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940\"\u003e#20940\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff\"\u003ec59a222\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20940\"\u003e#20940\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.6 (2025-09-08)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: apply \u003ccode\u003efs.strict\u003c/code\u003e check to HTML files (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20736\"\u003e#20736\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/0ab19ea9fcb66f544328f442cf6e70f7c0528d5f\"\u003e0ab19ea\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20736\"\u003e#20736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: upgrade sirv to 3.0.2 (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20735\"\u003e#20735\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/e11d24008b97d4ca731ecc1a3b95260a6d12e7e0\"\u003ee11d240\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20735\"\u003e#20735\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: detect ts support via \u003ccode\u003eprocess.features\u003c/code\u003e (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20544\"\u003e#20544\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/7d9922972b62329d37a71d4da5a4a382d0bf8a79\"\u003e7d99229\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/20544\"\u003e#20544\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.5 (2025-05-05)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(ssr): handle uninitialized export access as undefined (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19959\"\u003e#19959\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/fd38d076fe2455aac1e00a7b15cd51159bf12bb5\"\u003efd38d07\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19959\"\u003e#19959\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.4 (2025-04-30)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: check static serve file inside sirv (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19965\"\u003e#19965\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/c22c43de612eebb6c182dd67850c24e4fab8cacb\"\u003ec22c43d\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19965\"\u003e#19965\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(optimizer): return plain object when using \u003ccode\u003erequire\u003c/code\u003e to import externals in optimized dependenci (\u003ca href=\"https://github.com/vitejs/vite/commit/efc5eab253419fde0a6a48b8d2f233063d6a9643\"\u003eefc5eab\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19940\"\u003e#19940\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: remove duplicate plugin context type (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19935\"\u003e#19935\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/d6d01c2292fa4f9603e05b95d81c8724314c20e0\"\u003ed6d01c2\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19935\"\u003e#19935\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003c!-- raw HTML omitted --\u003e6.3.3 (2025-04-24)\u003c!-- raw HTML omitted --\u003e\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: ignore malformed uris in tranform middleware (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/19853\"\u003e#19853\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/commit/e4d520141bcd83ad61f16767348b4a813bf9340a\"\u003ee4d5201\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/vitejs/vite/issues/19853\"\u003e#19853\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/6b3fad02abd550bd7b79934ff92c58dbd7f33045\"\u003e\u003ccode\u003e6b3fad0\u003c/code\u003e\u003c/a\u003e release: v6.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca4da5d1fb45c9cfdce606aa30825095791b164b\"\u003e\u003ccode\u003eca4da5d\u003c/code\u003e\u003c/a\u003e fix: avoid path traversal with optimize deps sourcemap handler (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161\"\u003e#22161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/fe28e47e9463e4c9619f94bfa06d2f8f1411b44b\"\u003e\u003ccode\u003efe28e47\u003c/code\u003e\u003c/a\u003e fix: apply server.fs check to env transport (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159\"\u003e#22159\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22163\"\u003e#22163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/5487f4f641f70c47ea05fd101a4319897df048b3\"\u003e\u003ccode\u003e5487f4f\u003c/code\u003e\u003c/a\u003e release: v6.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/1114b5d7ea03e26572708715343bec69db4536e8\"\u003e\u003ccode\u003e1114b5d\u003c/code\u003e\u003c/a\u003e fix(dev): trim trailing slash before \u003ccode\u003eserver.fs.deny\u003c/code\u003e check (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968\"\u003e#20968\u003c/a\u003e) (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20969\"\u003e#20969\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/f12697c0f64b9a37196b9ab218a0911829d5b103\"\u003e\u003ccode\u003ef12697c\u003c/code\u003e\u003c/a\u003e release: v6.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/ca6455ee9eb6111a9caa9810506a1b9ac96a520a\"\u003e\u003ccode\u003eca6455e\u003c/code\u003e\u003c/a\u003e feat: allow passing down resolved config to vite's createServer (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20932\"\u003e#20932\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/0e173d83681daa31be10fa8a62d56b1ec84690af\"\u003e\u003ccode\u003e0e173d8\u003c/code\u003e\u003c/a\u003e release: v6.3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/c59a222aa584c087cfe710173de1b9ecb597a3ff\"\u003e\u003ccode\u003ec59a222\u003c/code\u003e\u003c/a\u003e fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (\u003ca href=\"https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20940\"\u003e#20940\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitejs/vite/commit/3f337c5e24504e51188d29c970de1416ee523dbb\"\u003e\u003ccode\u003e3f337c5\u003c/code\u003e\u003c/a\u003e release: v6.3.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/vitejs/vite/commits/v6.4.2/packages/vite\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dompurify` from 3.3.3 to 3.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cure53/DOMPurify/releases\"\u003edompurify's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eDOMPurify 3.4.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eMost relevant changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a problem with \u003ccode\u003eFORBID_TAGS\u003c/code\u003e not winning over \u003ccode\u003eADD_TAGS\u003c/code\u003e, thanks \u003ca href=\"https://github.com/kodareef5\"\u003e\u003ccode\u003e@​kodareef5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed several minor problems and typos regarding MathML attributes, thanks \u003ca href=\"https://github.com/DavidOliver\"\u003e\u003ccode\u003e@​DavidOliver\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eADD_ATTR\u003c/code\u003e/\u003ccode\u003eADD_TAGS\u003c/code\u003e function leaking into subsequent array-based calls, thanks \u003ca href=\"https://github.com/1Jesper1\"\u003e\u003ccode\u003e@​1Jesper1\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a missing \u003ccode\u003eSAFE_FOR_TEMPLATES\u003c/code\u003e scrub in \u003ccode\u003eRETURN_DOM\u003c/code\u003e path, thanks \u003ca href=\"https://github.com/bencalif\"\u003e\u003ccode\u003e@​bencalif\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a prototype pollution via \u003ccode\u003eCUSTOM_ELEMENT_HANDLING\u003c/code\u003e, thanks \u003ca href=\"https://github.com/trace37labs\"\u003e\u003ccode\u003e@​trace37labs\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue with \u003ccode\u003eADD_TAGS\u003c/code\u003e function form bypassing \u003ccode\u003eFORBID_TAGS\u003c/code\u003e, thanks \u003ca href=\"https://github.com/eddieran\"\u003e\u003ccode\u003e@​eddieran\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue with \u003ccode\u003eADD_ATTR\u003c/code\u003e predicates skipping URI validation, thanks \u003ca href=\"https://github.com/christos-eth\"\u003e\u003ccode\u003e@​christos-eth\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue with \u003ccode\u003eUSE_PROFILES\u003c/code\u003e prototype pollution, thanks \u003ca href=\"https://github.com/christos-eth\"\u003e\u003ccode\u003e@​christos-eth\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed an issue leading to possible mXSS via Re-Contextualization, thanks \u003ca href=\"https://github.com/researchatfluidattacks\"\u003e\u003ccode\u003e@​researchatfluidattacks\u003c/code\u003e\u003c/a\u003e and others\u003c/li\u003e\n\u003cli\u003eFixed an issue with closing tags leading to possible mXSS, thanks \u003ca href=\"https://github.com/frevadiscor\"\u003e\u003ccode\u003e@​frevadiscor\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a problem with the type dentition patcher after Node version bump\u003c/li\u003e\n\u003cli\u003eFixed freezing BS runs by reducing the tested browsers array\u003c/li\u003e\n\u003cli\u003eBumped several dependencies where possible\u003c/li\u003e\n\u003cli\u003eAdded needed files for OpenSSF scorecard checks\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003ePublished Advisories are here:\u003c/strong\u003e\n\u003ca href=\"https://github.com/cure53/DOMPurify/security/advisories?state=published\"\u003ehttps://github.com/cure53/DOMPurify/security/advisories?state=published\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cure53/DOMPurify/commit/5b16e0b892e82b1779d62b9928b43c4c4ff290b9\"\u003e\u003ccode\u003e5b16e0b\u003c/code\u003e\u003c/a\u003e Getting 3.x branch ready for 3.4.0 release (\u003ca href=\"https://redirect.github.com/cure53/DOMPurify/issues/1250\"\u003e#1250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/cure53/DOMPurify/compare/3.3.3...3.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `svelte` from 5.55.1 to 5.55.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/svelte/releases\"\u003esvelte's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003esvelte@5.55.7\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: prevent XSS on \u003ccode\u003ehydratable\u003c/code\u003e from user contents (\u003ca href=\"https://github.com/sveltejs/svelte/commit/a16ebc67bbcf8f708360195687e1b2719463e1a4\"\u003e\u003ccode\u003ea16ebc67bbcf8f708360195687e1b2719463e1a4\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: bump devalue (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18219\"\u003e#18219\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: disallow empty attribute names during SSR (\u003ca href=\"https://github.com/sveltejs/svelte/commit/547853e2406a2147ad7fb5ffeba95b01bd9642da\"\u003e\u003ccode\u003e547853e2406a2147ad7fb5ffeba95b01bd9642da\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: harden regex (\u003ca href=\"https://github.com/sveltejs/svelte/commit/d2375e2ebcab5c88feb5652f1a9d621b8f06b259\"\u003e\u003ccode\u003ed2375e2ebcab5c88feb5652f1a9d621b8f06b259\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: move Svelte runtime properties to symbols (\u003ca href=\"https://github.com/sveltejs/svelte/commit/e1cbbd96441e82c9eb8a23a2903c0d06d3cda991\"\u003e\u003ccode\u003ee1cbbd96441e82c9eb8a23a2903c0d06d3cda991\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003esvelte@5.55.6\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: leave stale promises to wait for a later resolution, instead of rejecting (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18180\"\u003e#18180\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: keep dependencies of \u003ccode\u003e$state.eager/pending\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18218\"\u003e#18218\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: reapply context after transforming error during SSR (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18099\"\u003e#18099\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: don't rebase just-created batches (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18117\"\u003e#18117\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: allow \u003ccode\u003enull\u003c/code\u003e for \u003ccode\u003epending\u003c/code\u003e in typings (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18201\"\u003e#18201\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: flush eager effects in production (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18107\"\u003e#18107\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: rethrow error of failed iterable after calling \u003ccode\u003ereturn()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18169\"\u003e#18169\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: account for proxified instance when updating \u003ccode\u003ebind:this\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18147\"\u003e#18147\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: ensure scheduled batch is flushed if not obsolete (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18131\"\u003e#18131\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: resolve stale deriveds with latest value (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18167\"\u003e#18167\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: remove unnecessary \u003ccode\u003eincrement_pending\u003c/code\u003e calls (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18183\"\u003e#18183\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: correctly compile component member expressions for SSR (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18192\"\u003e#18192\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: reset \u003ccode\u003esource.updated\u003c/code\u003e stack traces after \u003ccode\u003eflush\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18196\"\u003e#18196\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: replacing async 'blocking' strategy with 'merging' (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18205\"\u003e#18205\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: allow \u003ccode\u003e@debug\u003c/code\u003e tags to reference awaited variables (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18138\"\u003e#18138\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: re-run fallback props if dependencies update (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18146\"\u003e#18146\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: abort running obsolete async branches (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18118\"\u003e#18118\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/svelte/blob/main/packages/svelte/CHANGELOG.md\"\u003esvelte's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.55.7\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: prevent XSS on \u003ccode\u003ehydratable\u003c/code\u003e from user contents (\u003ca href=\"https://github.com/sveltejs/svelte/commit/a16ebc67bbcf8f708360195687e1b2719463e1a4\"\u003e\u003ccode\u003ea16ebc67bbcf8f708360195687e1b2719463e1a4\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: bump devalue (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18219\"\u003e#18219\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: disallow empty attribute names during SSR (\u003ca href=\"https://github.com/sveltejs/svelte/commit/547853e2406a2147ad7fb5ffeba95b01bd9642da\"\u003e\u003ccode\u003e547853e2406a2147ad7fb5ffeba95b01bd9642da\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: harden regex (\u003ca href=\"https://github.com/sveltejs/svelte/commit/d2375e2ebcab5c88feb5652f1a9d621b8f06b259\"\u003e\u003ccode\u003ed2375e2ebcab5c88feb5652f1a9d621b8f06b259\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: move Svelte runtime properties to symbols (\u003ca href=\"https://github.com/sveltejs/svelte/commit/e1cbbd96441e82c9eb8a23a2903c0d06d3cda991\"\u003e\u003ccode\u003ee1cbbd96441e82c9eb8a23a2903c0d06d3cda991\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.55.6\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efix: leave stale promises to wait for a later resolution, instead of rejecting (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18180\"\u003e#18180\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: keep dependencies of \u003ccode\u003e$state.eager/pending\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18218\"\u003e#18218\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: reapply context after transforming error during SSR (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18099\"\u003e#18099\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: don't rebase just-created batches (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18117\"\u003e#18117\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: allow \u003ccode\u003enull\u003c/code\u003e for \u003ccode\u003epending\u003c/code\u003e in typings (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18201\"\u003e#18201\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: flush eager effects in production (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18107\"\u003e#18107\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: rethrow error of failed iterable after calling \u003ccode\u003ereturn()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18169\"\u003e#18169\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: account for proxified instance when updating \u003ccode\u003ebind:this\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18147\"\u003e#18147\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: ensure scheduled batch is flushed if not obsolete (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18131\"\u003e#18131\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: resolve stale deriveds with latest value (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18167\"\u003e#18167\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003echore: remove unnecessary \u003ccode\u003eincrement_pending\u003c/code\u003e calls (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18183\"\u003e#18183\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: correctly compile component member expressions for SSR (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18192\"\u003e#18192\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: reset \u003ccode\u003esource.updated\u003c/code\u003e stack traces after \u003ccode\u003eflush\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18196\"\u003e#18196\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: replacing async 'blocking' strategy with 'merging' (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18205\"\u003e#18205\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: allow \u003ccode\u003e@debug\u003c/code\u003e tags to reference awaited variables (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18138\"\u003e#18138\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: re-run fallback props if dependencies update (\u003ca href=\"https://redirect.github.com/sveltejs/svelte/pull/18146\"\u003e#18146\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/4d8f99a2709e3c02e48d8bc6c77458f4ba49d0e3\"\u003e\u003ccode\u003e4d8f99a\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18220\"\u003e#18220\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/05523088173e10af0753877af6936088de924833\"\u003e\u003ccode\u003e0552308\u003c/code\u003e\u003c/a\u003e chore: bump devalue (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18219\"\u003e#18219\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/e1cbbd96441e82c9eb8a23a2903c0d06d3cda991\"\u003e\u003ccode\u003ee1cbbd9\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/a16ebc67bbcf8f708360195687e1b2719463e1a4\"\u003e\u003ccode\u003ea16ebc6\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/d2375e2ebcab5c88feb5652f1a9d621b8f06b259\"\u003e\u003ccode\u003ed2375e2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/547853e2406a2147ad7fb5ffeba95b01bd9642da\"\u003e\u003ccode\u003e547853e\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/55f9c85c09d625c3dd80c71ce7542f57386fafb4\"\u003e\u003ccode\u003e55f9c85\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18158\"\u003e#18158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/a10e8e47a5946623a60a1e36b9023c23926eae87\"\u003e\u003ccode\u003ea10e8e4\u003c/code\u003e\u003c/a\u003e fix: keep dependencies of \u003ccode\u003e$state.eager\u003c/code\u003e/\u003ccode\u003epending\u003c/code\u003e (alternative approach) (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/ef4b97dfabfd7a23b27933e18f7393587c343d66\"\u003e\u003ccode\u003eef4b97d\u003c/code\u003e\u003c/a\u003e fix: duplicated \u0026quot;of\u0026quot; in events.js comment (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18217\"\u003e#18217\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/svelte/commit/5122936edb3c14e9a602e579727479b49cbd3239\"\u003e\u003ccode\u003e5122936\u003c/code\u003e\u003c/a\u003e fix: treat batches as a linked list (\u003ca href=\"https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte/issues/18205\"\u003e#18205\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sveltejs/svelte/commits/svelte@5.55.7/packages/svelte\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cookie` from 0.6.0 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOverwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)  c66147c\n\u003cul\u003e\n\u003cli\u003eWhen \u003ccode\u003evalue\u003c/code\u003e was provided in \u003ccode\u003eserialize(key, value, { value })\u003c/code\u003e the value in \u003ccode\u003eoptions\u003c/code\u003e was used instead of the value passed as an argument\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003estringifyCookie\u003c/code\u003e and \u003ccode\u003eparseSetCookie\u003c/code\u003e methods (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/214\"\u003e#214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename existing methods for clarity (old method names remain for backward compatibility)\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eparse\u003c/code\u003e → \u003ccode\u003eparseCookie\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eserialize\u003c/code\u003e → \u003ccode\u003estringifySetCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)  00b0327\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLoosen cookie name/value validation (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: \u003ccode\u003eoptions.priority\u003c/code\u003e used incorrect fallback (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/207\"\u003e#207\u003c/a\u003e) by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd import example to README (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/190\"\u003e#190\u003c/a\u003e) by \u003ca href=\"https://github.com/isnifer\"\u003e\u003ccode\u003e@​isnifer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow case insensitive options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/194\"\u003e#194\u003c/a\u003e)  3bed080\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse modern JS features, ship TypeScript definition (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/175\"\u003e#175\u003c/a\u003e)  1cc64ff\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003e__esModule\u003c/code\u003e marker, imports need to use \u003ccode\u003eimport { parse, serialize }\u003c/code\u003e or \u003ccode\u003eimport * as cookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eMinimum node.js v18\u003c/li\u003e\n\u003cli\u003eUses null prototype object for \u003ccode\u003eparse\u003c/code\u003e return value\u003c/li\u003e\n\u003cli\u003eChanges \u003ccode\u003estrict\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e to match the lower case strings (i.e. \u003ccode\u003elow\u003c/code\u003e, not \u003ccode\u003eLOW\u003c/code\u003e or \u003ccode\u003eLow\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/1b89eec4e33256ac31962f4c0d6e711fff478803\"\u003e\u003ccode\u003e1b89eec\u003c/code\u003e\u003c/a\u003e 1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/c66147c053c74b256287aa7c0a4e63082d786fb2\"\u003e\u003ccode\u003ec66147c\u003c/code\u003e\u003c/a\u003e Overwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/09cec9fd32aa777ddbf51a115c53f30728eccfbc\"\u003e\u003ccode\u003e09cec9f\u003c/code\u003e\u003c/a\u003e 1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/05ebd34fd5a1cdad950f68fc7429cade7dfd6997\"\u003e\u003ccode\u003e05ebd34\u003c/code\u003e\u003c/a\u003e Add tests for parsing top sites (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6214eaf968d60681f3f7fe76797270332c3569c9\"\u003e\u003ccode\u003e6214eaf\u003c/code\u003e\u003c/a\u003e Add benchmark for \u003ccode\u003eparseSetCookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/247\"\u003e#247\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/71798d72650df42288f74e5ab49b65ec44df74fe\"\u003e\u003ccode\u003e71798d7\u003c/code\u003e\u003c/a\u003e Fix skip over of boolean attributes (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e41cf10c88b45893141f2ee2dc98b23bdb57f24\"\u003e\u003ccode\u003e9e41cf1\u003c/code\u003e\u003c/a\u003e build(deps): bump the npm_and_yarn group across 1 directory with 4 updates (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6fea50679a97f65b5d6e3d291b2dad5816fcfddc\"\u003e\u003ccode\u003e6fea506\u003c/code\u003e\u003c/a\u003e Add parse method for \u003ccode\u003eset-cookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/00b032721c4dc9aeb7d3814ce790eadb4ebde59b\"\u003e\u003ccode\u003e00b0327\u003c/code\u003e\u003c/a\u003e Add side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/94586de038f16960cd5eb91ee499313734b02ab7\"\u003e\u003ccode\u003e94586de\u003c/code\u003e\u003c/a\u003e feat: remove dependabot from repo (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/242\"\u003e#242\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `devalue` from 5.6.4 to 5.8.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/releases\"\u003edevalue's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/blob/main/CHANGELOG.md\"\u003edevalue's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/796ea83a76eb7e0f2af376f9c2c875f1d057f50f\"\u003e\u003ccode\u003e796ea83\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/152\"\u003e#152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/206ca6712fbc380a4571c59de9ab04b91110792d\"\u003e\u003ccode\u003e206ca67\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/14933f78ff6b712829162628682b0a1993e75d19\"\u003e\u003ccode\u003e14933f7\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/151\"\u003e#151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/c5115b0074ec298fb4077f6cee5616cefbd13902\"\u003e\u003ccode\u003ec5115b0\u003c/code\u003e\u003c/a\u003e feat: \u003ccode\u003estringifyAsync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/150\"\u003e#150\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/67dad450b5db18ea9aa3059d334d8b0ee6704d9e\"\u003e\u003ccode\u003e67dad45\u003c/code\u003e\u003c/a\u003e docs: update README to reflect serialization stability non-goal (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/147\"\u003e#147\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/6eb920a7db6fe388f24f640d0e4e874a57f148fb\"\u003e\u003ccode\u003e6eb920a\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/8becc7c436f0d4f85e2e5b32cb49dcfdf4fdec42\"\u003e\u003ccode\u003e8becc7c\u003c/code\u003e\u003c/a\u003e fix: handle regexes consistently in uneval's value and reference formats (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/2eee2e435ea0ea3d495dc7a266486df95a4eb6ed\"\u003e\u003ccode\u003e2eee2e4\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/498656e75d36dfc63a386240722bdeac63337b25\"\u003e\u003ccode\u003e498656e\u003c/code\u003e\u003c/a\u003e DataView support (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/5590634db53ed555d3ce2e2024924b30352a6afc\"\u003e\u003ccode\u003e5590634\u003c/code\u003e\u003c/a\u003e Improve platform types support (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sveltejs/devalue/compare/v5.6.4...v5.8.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `picomatch` from 4.0.3 to 4.0.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/micromatch/picomatch/releases\"\u003epicomatch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.0.4\u003c/h2\u003e\n\u003cp\u003eThis is a security release fixing several security relevant issues.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj\"\u003eCVE-2026-33671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p\"\u003eCVE-2026-33672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\"\u003ehttps://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e5474fc1a4d7991870058170407dda8a42be5334\"\u003e\u003ccode\u003ee5474fc\u003c/code\u003e\u003c/a\u003e Publish 4.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903\"\u003e\u003ccode\u003e4516eb5\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d\"\u003e\u003ccode\u003e5eceecd\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/0db7dd70651ca7c8265601c0442a996ed32e3238\"\u003e\u003ccode\u003e0db7dd7\u003c/code\u003e\u003c/a\u003e Run benchmark again against latest minimatch version (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/161\"\u003e#161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/95003777eb1c60dec09495a8231fa2ba4054d76a\"\u003e\u003ccode\u003e9500377\u003c/code\u003e\u003c/a\u003e docs: clarify what brace expansion syntax is and isn't supported (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/2661f23eca86c8b4a2b14815b9b2b3b74bd5a171\"\u003e\u003ccode\u003e2661f23\u003c/code\u003e\u003c/a\u003e fix typo in globstars.js test name (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/138\"\u003e#138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/1798b07e9df59500b9cf567294d44d559032f4c7\"\u003e\u003ccode\u003e1798b07\u003c/code\u003e\u003c/a\u003e docs: fix \u003ccode\u003emakeRe\u003c/code\u003e example (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/9d76bc57a03b7f57cc4ca516c8071daf632bafd8\"\u003e\u003ccode\u003e9d76bc5\u003c/code\u003e\u003c/a\u003e chore: undocument removed options (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/e4d718bbfb47e4f030ab2612b5b04a9297fe272d\"\u003e\u003ccode\u003ee4d718b\u003c/code\u003e\u003c/a\u003e Remove unused time-require (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/160\"\u003e#160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/micromatch/picomatch/commit/38dffeb16221cc8eb8981524fb6895dd2aaaba76\"\u003e\u003ccode\u003e38dffeb\u003c/code\u003e\u003c/a\u003e chore(deps): pin dependencies (\u003ca href=\"https://redirect.github.com/micromatch/picomatch/issues/158\"\u003e#158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protocol-buffers-schema` from 3.6.0 to 3.6.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/protocol-buffers-schema/commit/46c34bd3199aa1e32374a1af59d02413b9ea197a\"\u003e\u003ccode\u003e46c34bd\u003c/code\u003e\u003c/a\u003e 3.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mafintosh/protocol-buffers-schema/commit/2351031dd6f1d58930b8e46548e91b1e96f7c20c\"\u003e\u003ccode\u003e2351031\u003c/code\u003e\u003c/a\u003e Fixed parse.js to prevent Prototype Pollution (\u003ca href=\"https://redirect.github.com/mafintosh/protocol-buffers-schema/issues/70\"\u003e#70\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mafintosh/protocol-buffers-schema/compare/v3.6.0...v3.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/seanmorley15/AdventureLog/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/seanmorley15/AdventureLog/pull/1141","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/seanmorley15%2FAdventureLog/issues/1141","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1141/packages"}},{"old_version":"0.6.0","new_version":"0.7.0","update_type":"minor","path":"the npm_and_yarn group across 1 directory","pr_created_at":"2026-05-14T22:06:48.000Z","version_change":"0.6.0 → 0.7.0","issue":{"uuid":"4449654681","node_id":"PR_kwDOPPEFa87bs37W","number":481,"state":"open","title":"Bump cookie from 0.6.0 to 0.7.0 in the npm_and_yarn group across 1 directory","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-14T22:06:48.000Z","updated_at":"2026-05-14T22:09:48.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"cookie","old_version":"0.6.0","new_version":"0.7.0","repository_url":"https://github.com/jshttp/cookie"}],"path":"the npm_and_yarn group across 1 directory","ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the / directory: [cookie](https://github.com/jshttp/cookie).\n\nUpdates `cookie` from 0.6.0 to 0.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eperf: parse cookies ~10% faster (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e by \u003ca href=\"https://github.com/kurtextrem\"\u003e\u003ccode\u003e@​kurtextrem\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: narrow the validation of cookies to match RFC6265 (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/167\"\u003e#167\u003c/a\u003e by \u003ca href=\"https://github.com/bewinsnw\"\u003e\u003ccode\u003e@​bewinsnw\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: add \u003ccode\u003emain\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e for rspack (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/166\"\u003e#166\u003c/a\u003e by \u003ca href=\"https://github.com/proudparrot2\"\u003e\u003ccode\u003e@​proudparrot2\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\"\u003ehttps://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/ab057d6c06b94a7b1e3358e69a685ae49c97b627\"\u003e\u003ccode\u003eab057d6\u003c/code\u003e\u003c/a\u003e 0.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/5f02ca87688481dbcf155e49ca8b61732f30e542\"\u003e\u003ccode\u003e5f02ca8\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/a5d591ce8447dd63821779724f96ad3c774c8579\"\u003e\u003ccode\u003ea5d591c\u003c/code\u003e\u003c/a\u003e Migrate history to GitHub releases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/51968f94b5e820adeceef505539fa193ffe2d105\"\u003e\u003ccode\u003e51968f9\u003c/code\u003e\u003c/a\u003e Skip isNaN\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e7ca51ade4b325307eedd6b4dec190983e9e2cc\"\u003e\u003ccode\u003e9e7ca51\u003c/code\u003e\u003c/a\u003e perf(parse): cache length, return early (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/d6f39b0aab5521a8b118b466a515fd6eb0b9f65e\"\u003e\u003ccode\u003ed6f39b0\u003c/code\u003e\u003c/a\u003e Fix tests for old node\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6bb701f14e59c5e768933bfae9b578db4ed26c6e\"\u003e\u003ccode\u003e6bb701f\u003c/code\u003e\u003c/a\u003e Remove failing scorecard\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/ca70da4ddccf7daab7ad7e86e8c83d6a0123ba73\"\u003e\u003ccode\u003eca70da4\u003c/code\u003e\u003c/a\u003e test(serialize): additional tests for name, domain and path RFC validations (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/47917c9c2c56887c53d68e23159a7e1c3f7cb958\"\u003e\u003ccode\u003e47917c9\u003c/code\u003e\u003c/a\u003e Iterate whitespace for perf (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/927d48a18fc82828d3726e18927003db330247bb\"\u003e\u003ccode\u003e927d48a\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003emain\u003c/code\u003e to \u003ccode\u003epackage.json\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/166\"\u003e#166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cookie\u0026package-manager=npm_and_yarn\u0026previous-version=0.6.0\u0026new-version=0.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/a-novel-kit/nodelib/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/a-novel-kit/nodelib/pull/481","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/a-novel-kit%2Fnodelib/issues/481","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/481/packages"}},{"old_version":"0.6.0","new_version":"1.1.1","update_type":"major","path":null,"pr_created_at":"2026-05-14T21:33:16.000Z","version_change":"0.6.0 → 1.1.1","issue":{"uuid":"4449451033","node_id":"PR_kwDOG_X9nM7bsM6d","number":996,"state":"closed","title":"Bump the npm_and_yarn group across 1 directory with 16 updates","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-14T22:29:52.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-14T21:33:16.000Z","updated_at":"2026-05-14T22:29:54.000Z","time_to_close":3396,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"npm_and_yarn","update_count":16,"packages":[{"name":"@hono/node-server","old_version":"1.19.9","new_version":"1.19.14","repository_url":"https://github.com/honojs/node-server"},{"name":"brace-expansion","old_version":"1.1.12","new_version":"2.0.3"},{"name":"cookie","old_version":"0.6.0","new_version":"1.1.1"},{"name":"devalue","old_version":"5.6.3","new_version":"5.8.1"},{"name":"diff","old_version":"7.0.0","new_version":"9.0.0"},{"name":"fast-uri","old_version":"3.1.0","new_version":"3.1.2"},{"name":"flatted","old_version":"3.3.3","new_version":"3.4.2"},{"name":"immutable","old_version":"5.1.3","new_version":"5.1.5"},{"name":"js-yaml","old_version":"3.14.1","new_version":"4.1.1"},{"name":"lodash","old_version":"4.17.21","new_version":"4.18.1"},{"name":"markdown-it","old_version":"14.1.0","new_version":"14.1.1"},{"name":"minimatch","old_version":"3.1.2","new_version":"9.0.9"}],"path":null,"ecosystem":"npm"},"body":"Bumps the npm_and_yarn group with 1 update in the / directory: [@hono/node-server](https://github.com/honojs/node-server).\n\nUpdates `@hono/node-server` from 1.19.9 to 1.19.14\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/honojs/node-server/releases\"\u003e@​hono/node-server's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.19.14\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: add custom inspect to lightweight Request/Response to prevent TypeError on console.log by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/340\"\u003ehonojs/node-server#340\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.13...v1.19.14\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.13...v1.19.14\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.13\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an issue in Serve Static Middleware where inconsistent handling of repeated slashes (\u003ccode\u003e//\u003c/code\u003e) between the router and static file resolution could allow middleware to be bypassed. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-92pp-h63x-v22m for details.\u003c/p\u003e\n\u003ch2\u003ev1.19.12\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: ignore claude setting by \u003ca href=\"https://github.com/yusukebe\"\u003e\u003ccode\u003e@​yusukebe\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/314\"\u003ehonojs/node-server#314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: request draining for early 413 responses by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/329\"\u003ehonojs/node-server#329\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.11...v1.19.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.11\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: do not overwrite Content-Length in the fast path pattern if Content-Length already exists. by \u003ca href=\"https://github.com/usualoma\"\u003e\u003ccode\u003e@​usualoma\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/honojs/node-server/pull/309\"\u003ehonojs/node-server#309\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.10...v1.19.11\"\u003ehttps://github.com/honojs/node-server/compare/v1.19.10...v1.19.11\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.19.10\u003c/h2\u003e\n\u003ch2\u003eSecurity Fix\u003c/h2\u003e\n\u003cp\u003eFixed an authorization bypass in Serve Static Middleware caused by inconsistent URL decoding (\u003ccode\u003e%2F\u003c/code\u003e handling) between the router and static file resolution. Users of Serve Static Middleware are encouraged to upgrade to this version.\u003c/p\u003e\n\u003cp\u003eSee GHSA-wc8c-qw6v-h7f6 for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/b5e63a366d9b0ef62ac65fcafd7f69b383b03ff5\"\u003e\u003ccode\u003eb5e63a3\u003c/code\u003e\u003c/a\u003e 1.19.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/c02d7770a2d29ea473403211bef0a60639885a28\"\u003e\u003ccode\u003ec02d777\u003c/code\u003e\u003c/a\u003e fix: add custom inspect to lightweight Request/Response to prevent TypeError ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/fd64e659a34ec661fd9ccda00d1b9dff88dfaf90\"\u003e\u003ccode\u003efd64e65\u003c/code\u003e\u003c/a\u003e 1.19.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/025c30f55d589ddbe6048b151d77e904f67a8cc2\"\u003e\u003ccode\u003e025c30f\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/6cdb5a724952f3df5748e435637792068ebea6d9\"\u003e\u003ccode\u003e6cdb5a7\u003c/code\u003e\u003c/a\u003e 1.19.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/70250f780ec99d2ddc0dd8275a42f8e091e06e94\"\u003e\u003ccode\u003e70250f7\u003c/code\u003e\u003c/a\u003e fix: request draining for early 413 responses (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/329\"\u003e#329\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/cfc08b330a1f2e0a2d8cc7797cde389465b5f4fb\"\u003e\u003ccode\u003ecfc08b3\u003c/code\u003e\u003c/a\u003e chore: ignore claude setting (\u003ca href=\"https://redirect.github.com/honojs/node-server/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/ecd4d6be55117005acfd60a22d90c4818618507b\"\u003e\u003ccode\u003eecd4d6b\u003c/code\u003e\u003c/a\u003e 1.19.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/c94489955ebd855630b703022837f7fe5f925111\"\u003e\u003ccode\u003ec944899\u003c/code\u003e\u003c/a\u003e fix: do not overwrite Content-Length in the fast path pattern if Content-Leng...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/honojs/node-server/commit/2f8ca3665f5257305603783ec9999bd1a9bec0f2\"\u003e\u003ccode\u003e2f8ca36\u003c/code\u003e\u003c/a\u003e 1.19.10\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/honojs/node-server/compare/v1.19.9...v1.19.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `brace-expansion` from 1.1.12 to 2.0.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/juliangruber/brace-expansion/releases\"\u003ebrace-expansion's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epkg: publish on tag 2.x  14f1d91\u003c/li\u003e\n\u003cli\u003efmt  ed7780a\u003c/li\u003e\n\u003cli\u003eFix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)  36603d5\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.0.2\"\u003ehttps://github.com/juliangruber/brace-expansion/compare/v2.0.1...v2.0.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/73b5459d2ab973c984d01324769d306f66440c7e\"\u003e\u003ccode\u003e73b5459\u003c/code\u003e\u003c/a\u003e 2.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5\"\u003e\u003ccode\u003e311ac0d\u003c/code\u003e\u003c/a\u003e Backport fix for GHSA-f886-m6hf-6m8v to v2 (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/a3efcee659ef0fb381e2b50d759c720900580a15\"\u003e\u003ccode\u003ea3efcee\u003c/code\u003e\u003c/a\u003e 2.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/14f1d91b0523ffb0c8bbe6a28dc98ddc56ae53bc\"\u003e\u003ccode\u003e14f1d91\u003c/code\u003e\u003c/a\u003e pkg: publish on tag 2.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/ed7780ab1cb8a7696f1813b5a945fcc70d8d1990\"\u003e\u003ccode\u003eed7780a\u003c/code\u003e\u003c/a\u003e fmt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/36603d5f3599a37af9e85eda30acd7d28599c36e\"\u003e\u003ccode\u003e36603d5\u003c/code\u003e\u003c/a\u003e Fix potential ReDoS Vulnerability or Inefficient Regular Expression (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/b9c0e57027317a8d0a56a7ccee28fc478d847da2\"\u003e\u003ccode\u003eb9c0e57\u003c/code\u003e\u003c/a\u003e 2.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/4d96d7dbca632806263efb0da8d1e9d8a2143cc2\"\u003e\u003ccode\u003e4d96d7d\u003c/code\u003e\u003c/a\u003e switch to fork of matcha that works on node\u0026gt;12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/bc482fba0a225be53f5ba92e62f6c9255a933261\"\u003e\u003ccode\u003ebc482fb\u003c/code\u003e\u003c/a\u003e Ignore only blocks that begins with $ (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/49\"\u003e#49\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/juliangruber/brace-expansion/commit/7b31e5c518f47022a8e29515da0c854cc8aae9fe\"\u003e\u003ccode\u003e7b31e5c\u003c/code\u003e\u003c/a\u003e Adds travis jobs on ppc64le (\u003ca href=\"https://redirect.github.com/juliangruber/brace-expansion/issues/48\"\u003e#48\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/juliangruber/brace-expansion/compare/v1.1.12...v2.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cookie` from 0.6.0 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOverwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)  c66147c\n\u003cul\u003e\n\u003cli\u003eWhen \u003ccode\u003evalue\u003c/code\u003e was provided in \u003ccode\u003eserialize(key, value, { value })\u003c/code\u003e the value in \u003ccode\u003eoptions\u003c/code\u003e was used instead of the value passed as an argument\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003estringifyCookie\u003c/code\u003e and \u003ccode\u003eparseSetCookie\u003c/code\u003e methods (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/214\"\u003e#214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename existing methods for clarity (old method names remain for backward compatibility)\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eparse\u003c/code\u003e → \u003ccode\u003eparseCookie\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eserialize\u003c/code\u003e → \u003ccode\u003estringifySetCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)  00b0327\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLoosen cookie name/value validation (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: \u003ccode\u003eoptions.priority\u003c/code\u003e used incorrect fallback (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/207\"\u003e#207\u003c/a\u003e) by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd import example to README (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/190\"\u003e#190\u003c/a\u003e) by \u003ca href=\"https://github.com/isnifer\"\u003e\u003ccode\u003e@​isnifer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow case insensitive options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/194\"\u003e#194\u003c/a\u003e)  3bed080\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse modern JS features, ship TypeScript definition (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/175\"\u003e#175\u003c/a\u003e)  1cc64ff\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003e__esModule\u003c/code\u003e marker, imports need to use \u003ccode\u003eimport { parse, serialize }\u003c/code\u003e or \u003ccode\u003eimport * as cookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eMinimum node.js v18\u003c/li\u003e\n\u003cli\u003eUses null prototype object for \u003ccode\u003eparse\u003c/code\u003e return value\u003c/li\u003e\n\u003cli\u003eChanges \u003ccode\u003estrict\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e to match the lower case strings (i.e. \u003ccode\u003elow\u003c/code\u003e, not \u003ccode\u003eLOW\u003c/code\u003e or \u003ccode\u003eLow\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/1b89eec4e33256ac31962f4c0d6e711fff478803\"\u003e\u003ccode\u003e1b89eec\u003c/code\u003e\u003c/a\u003e 1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/c66147c053c74b256287aa7c0a4e63082d786fb2\"\u003e\u003ccode\u003ec66147c\u003c/code\u003e\u003c/a\u003e Overwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/09cec9fd32aa777ddbf51a115c53f30728eccfbc\"\u003e\u003ccode\u003e09cec9f\u003c/code\u003e\u003c/a\u003e 1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/05ebd34fd5a1cdad950f68fc7429cade7dfd6997\"\u003e\u003ccode\u003e05ebd34\u003c/code\u003e\u003c/a\u003e Add tests for parsing top sites (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6214eaf968d60681f3f7fe76797270332c3569c9\"\u003e\u003ccode\u003e6214eaf\u003c/code\u003e\u003c/a\u003e Add benchmark for \u003ccode\u003eparseSetCookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/247\"\u003e#247\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/71798d72650df42288f74e5ab49b65ec44df74fe\"\u003e\u003ccode\u003e71798d7\u003c/code\u003e\u003c/a\u003e Fix skip over of boolean attributes (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e41cf10c88b45893141f2ee2dc98b23bdb57f24\"\u003e\u003ccode\u003e9e41cf1\u003c/code\u003e\u003c/a\u003e build(deps): bump the npm_and_yarn group across 1 directory with 4 updates (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6fea50679a97f65b5d6e3d291b2dad5816fcfddc\"\u003e\u003ccode\u003e6fea506\u003c/code\u003e\u003c/a\u003e Add parse method for \u003ccode\u003eset-cookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/00b032721c4dc9aeb7d3814ce790eadb4ebde59b\"\u003e\u003ccode\u003e00b0327\u003c/code\u003e\u003c/a\u003e Add side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/94586de038f16960cd5eb91ee499313734b02ab7\"\u003e\u003ccode\u003e94586de\u003c/code\u003e\u003c/a\u003e feat: remove dependabot from repo (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/242\"\u003e#242\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.6.0...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `devalue` from 5.6.3 to 5.8.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/releases\"\u003edevalue's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sveltejs/devalue/blob/main/CHANGELOG.md\"\u003edevalue's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.8.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e206ca67: fix: force sparse arrays to allocate sparsely\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ec5115b0: feat: add \u003ccode\u003estringifyAsync\u003c/code\u003e for async serialization\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.1\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e8becc7c: fix: handle regexes consistently in uneval's value and reference formats\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edf2e284: feat: use native alternatives to encode/decode base64\u003c/li\u003e\n\u003cli\u003e498656e: feat: add \u003ccode\u003eDataView\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003ea210130: feat: whitelist \u003ccode\u003eFloat16Array\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003edf2e284: feat: simplify TypedArray slices\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e5590634: fix: get \u003ccode\u003euneval\u003c/code\u003e type handling up to parity with \u003ccode\u003estringify\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e57f73fc: fix: correctly support boxed bigints and sentinel values\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.6.4\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: reject \u003ccode\u003e__proto__\u003c/code\u003e keys in malformed \u003ccode\u003eObject\u003c/code\u003e wrapper payloads\u003c/p\u003e\n\u003cp\u003eThis validates the \u003ccode\u003e\u0026quot;Object\u0026quot;\u003c/code\u003e parse path and throws when the wrapped value has an own \u003ccode\u003e__proto__\u003c/code\u003e key.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e40f1db1: fix: ensure sparse array indices are integers\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e87c1f3c: fix: disallow \u003ccode\u003e__proto__\u003c/code\u003e keys in null-prototype object parsing\u003c/p\u003e\n\u003cp\u003eThis disallows \u003ccode\u003e__proto__\u003c/code\u003e keys in the \u003ccode\u003e\u0026quot;null\u0026quot;\u003c/code\u003e parse path so null-prototype object hydration cannot carry that key through parse/unflatten.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/796ea83a76eb7e0f2af376f9c2c875f1d057f50f\"\u003e\u003ccode\u003e796ea83\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/152\"\u003e#152\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/206ca6712fbc380a4571c59de9ab04b91110792d\"\u003e\u003ccode\u003e206ca67\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/14933f78ff6b712829162628682b0a1993e75d19\"\u003e\u003ccode\u003e14933f7\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/151\"\u003e#151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/c5115b0074ec298fb4077f6cee5616cefbd13902\"\u003e\u003ccode\u003ec5115b0\u003c/code\u003e\u003c/a\u003e feat: \u003ccode\u003estringifyAsync\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/150\"\u003e#150\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/67dad450b5db18ea9aa3059d334d8b0ee6704d9e\"\u003e\u003ccode\u003e67dad45\u003c/code\u003e\u003c/a\u003e docs: update README to reflect serialization stability non-goal (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/147\"\u003e#147\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/6eb920a7db6fe388f24f640d0e4e874a57f148fb\"\u003e\u003ccode\u003e6eb920a\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/146\"\u003e#146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/8becc7c436f0d4f85e2e5b32cb49dcfdf4fdec42\"\u003e\u003ccode\u003e8becc7c\u003c/code\u003e\u003c/a\u003e fix: handle regexes consistently in uneval's value and reference formats (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/2eee2e435ea0ea3d495dc7a266486df95a4eb6ed\"\u003e\u003ccode\u003e2eee2e4\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/144\"\u003e#144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/498656e75d36dfc63a386240722bdeac63337b25\"\u003e\u003ccode\u003e498656e\u003c/code\u003e\u003c/a\u003e DataView support (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/143\"\u003e#143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sveltejs/devalue/commit/5590634db53ed555d3ce2e2024924b30352a6afc\"\u003e\u003ccode\u003e5590634\u003c/code\u003e\u003c/a\u003e Improve platform types support (\u003ca href=\"https://redirect.github.com/sveltejs/devalue/issues/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sveltejs/devalue/compare/v5.6.3...v5.8.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `diff` from 7.0.0 to 9.0.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kpdecker/jsdiff/blob/master/release-notes.md\"\u003ediff's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e9.0.0\u003c/h2\u003e\n\u003cp\u003e(All changes part of PR \u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/672\"\u003e#672\u003c/a\u003e.)\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eES5 support is dropped\u003c/strong\u003e. \u003ccode\u003eparsePatch\u003c/code\u003e now uses \u003ccode\u003eTextDecoder\u003c/code\u003e and \u003ccode\u003eUint8Array\u003c/code\u003e, which are not available in ES5, and TypeScript is now compiled with the \u0026quot;es6\u0026quot; \u003ccode\u003etarget\u003c/code\u003e. From now on, I intend to freely use any features that are deemed \u0026quot;Widely available\u0026quot; by \u003ca href=\"https://web.dev/baseline\"\u003eBaseline\u003c/a\u003e. Users who need ES5 support should stick to version 8.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eC-style quoted strings in filename headers are now properly supported\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eWhen the name of either the old or new file in a patch contains \u0026quot;special characters\u0026quot;, both GNU \u003ccode\u003ediff\u003c/code\u003e and Git quote the filename in the patch's headers and escape special characters using the same escape sequences that are used in string literals in C, including octal escapes for all non-ASCII characters. Previously, jsdiff had very little support for this; \u003ccode\u003eparsePatch\u003c/code\u003e would remove the quotes, and unescape any escaped backslashes, but would not unescape other escape sequences. \u003ccode\u003eformatPatch\u003c/code\u003e, meanwhile, did not quote or escape special characters at all.\u003c/p\u003e\n\u003cp\u003eNow, \u003ccode\u003eparsePatch\u003c/code\u003e parses all the possible escape sequences that GNU diff (or Git) ever output, and \u003ccode\u003eformatPatch\u003c/code\u003e quotes and escapes filenames containing special characters in the same way GNU diff does.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e now omits file headers when \u003ccode\u003eoldFileName\u003c/code\u003e or \u003ccode\u003enewFileName\u003c/code\u003e in the provided patch object are \u003ccode\u003eundefined\u003c/code\u003e\u003c/strong\u003e, regardless of the \u003ccode\u003eheaderOptions\u003c/code\u003e parameter. (Previously, it would treat the absence of \u003ccode\u003eoldFileName\u003c/code\u003e or \u003ccode\u003enewFileName\u003c/code\u003e as indicating the filename was the word \u0026quot;undefined\u0026quot; and emit headers \u003ccode\u003e--- undefined\u003c/code\u003e / \u003ccode\u003e+++ undefined\u003c/code\u003e.)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e no longer outputs trailing tab characters at the end of \u003ccode\u003e---\u003c/code\u003e/\u003ccode\u003e+++\u003c/code\u003e headers.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003ePreviously, if \u003ccode\u003eformatPatch\u003c/code\u003e was passed a patch object to serialize that had empty strings for the \u003ccode\u003eoldHeader\u003c/code\u003e or \u003ccode\u003enewHeader\u003c/code\u003e property, it would include a trailing tab character after the filename in the \u003ccode\u003e---\u003c/code\u003e and/or \u003ccode\u003e+++\u003c/code\u003e file header. Now, this scenario is treated the same as when \u003ccode\u003eoldHeader\u003c/code\u003e/\u003ccode\u003enewHeader\u003c/code\u003e is \u003ccode\u003eundefined\u003c/code\u003e - i.e. the trailing tab is omitted.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eformatPatch\u003c/code\u003e no longer mutates its input\u003c/strong\u003e when serializing a patch containing a hunk where either the old or new content contained zero lines. (Such a hunk occurs only when the hunk has no context lines and represents a pure insertion or pure deletion, which for instance will occur whenever one of the two files being diffed is completely empty.) Previously \u003ccode\u003eformatPatch\u003c/code\u003e would provide the correct output but also mutate the \u003ccode\u003eoldLines\u003c/code\u003e or \u003ccode\u003enewLines\u003c/code\u003e property on the hunk, changing the meaning of the underlying patch.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eGit-style patches are now supported by \u003ccode\u003eparsePatch\u003c/code\u003e, \u003ccode\u003eformatPatch\u003c/code\u003e, and \u003ccode\u003ereversePatch\u003c/code\u003e\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003ePatches output by \u003ccode\u003egit diff\u003c/code\u003e can include some features that are unlike those output by GNU \u003ccode\u003ediff\u003c/code\u003e, and therefore not handled by an ordinary unified diff format parser. An ordinary diff simply describes the differences between the \u003cem\u003econtent\u003c/em\u003e of two files, but Git diffs can also indicate, via \u0026quot;extended headers\u0026quot;, the creation or deletion of (potentially empty) files, indicate that a file was renamed, and contain information about file mode changes. Furthermore, when these changes appear in a diff in the absence of a content change (e.g. when an empty file is created, or a file is renamed without content changes), the patch will contain no associated \u003ccode\u003e---\u003c/code\u003e/\u003ccode\u003e+++\u003c/code\u003e file headers nor any hunks.\u003c/p\u003e\n\u003cp\u003ejsdiff previously did not support parsing Git's extended headers, nor hunkless patches. Now \u003ccode\u003eparsePatch\u003c/code\u003e parses some of the extended headers, parses hunkless Git patches, and can determine filenames (e.g. from the extended headers) when parsing a patch that includes no \u003ccode\u003e---\u003c/code\u003e or \u003ccode\u003e+++\u003c/code\u003e file headers. The additional information conveyed by the extended headers we support is recorded on new fields on the result object returned by \u003ccode\u003eparsePatch\u003c/code\u003e. See \u003ccode\u003eisGit\u003c/code\u003e and subsequent properties in the docs in the README.md file.\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003eformatPatch\u003c/code\u003e now outputs extended headers based on these new Git-specific properties, and \u003ccode\u003ereversePatch\u003c/code\u003e respects them as far as possible (with one unavoidable caveat noted in the README.md file).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eUnpaired file headers now cause \u003ccode\u003eparsePatch\u003c/code\u003e to throw\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eIt remains acceptable to have a patch with no file headers whatsoever (e.g. one that begins with a \u003ccode\u003e@@\u003c/code\u003e hunk header on the very first line), but a patch with \u003cem\u003eonly\u003c/em\u003e a \u003ccode\u003e---\u003c/code\u003e header or only a \u003ccode\u003e+++\u003c/code\u003e header is now considered an error.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003eparsePatch\u003c/code\u003e is now more tolerant of \u0026quot;trailing garbage\u0026quot;\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThat is: after a patch, or between files/indexes in a patch, it is now acceptable to have arbitrary lines of \u0026quot;garbage\u0026quot; (so long as they unambiguously have no syntactic meaning - e.g. trailing garbage that leads with a \u003ccode\u003e+\u003c/code\u003e, \u003ccode\u003e-\u003c/code\u003e, or \u003ccode\u003e \u003c/code\u003e and thus is interpretable as part of a hunk still triggers a throw).\u003c/p\u003e\n\u003cp\u003eThis means we no longer reject patches output by tools that include extra data in \u0026quot;garbage\u0026quot; lines not understood by generic unified diff parsers. (For example, SVN patches can include \u0026quot;Property changes on:\u0026quot; lines that generic unified diff parsers should discard as garbage; jsdiff previously threw errors when encountering them.)\u003c/p\u003e\n\u003cp\u003eThis change brings jsdiff's behaviour more in line with GNU \u003ccode\u003epatch\u003c/code\u003e, which is highly permissive of \u0026quot;garbage\u0026quot;.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eThe \u003ccode\u003eoldFileName\u003c/code\u003e and \u003ccode\u003enewFileName\u003c/code\u003e fields of \u003ccode\u003eStructuredPatch\u003c/code\u003e are now typed as \u003ccode\u003estring | undefined\u003c/code\u003e instead of \u003ccode\u003estring\u003c/code\u003e\u003c/strong\u003e. This type change reflects the (pre-existing) reality that \u003ccode\u003eparsePatch\u003c/code\u003e can produce patches without filenames (e.g. when parsing a patch that simply contains hunks with no file headers).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/667\"\u003e#667\u003c/a\u003e - \u003cstrong\u003efix another bug in \u003ccode\u003ediffWords\u003c/code\u003e when used with an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e\u003c/strong\u003e. If the text to be diffed included a combining mark after a whitespace character (i.e. roughly speaking, an accented space), \u003ccode\u003ediffWords\u003c/code\u003e would previously crash. Now this case is handled correctly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/631\"\u003e#631\u003c/a\u003e - \u003cstrong\u003efix support for using an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e with \u003ccode\u003ediffWords\u003c/code\u003e\u003c/strong\u003e. This has been almost completely broken since the feature was added in v6.0.0, since it would outright crash on any text that featured two consecutive newlines between a pair of words (a very common case).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/pull/635\"\u003e#635\u003c/a\u003e - \u003cstrong\u003esmall tweaks to tokenization behaviour of \u003ccode\u003ediffWords\u003c/code\u003e\u003c/strong\u003e when used \u003cem\u003ewithout\u003c/em\u003e an \u003ccode\u003eIntl.Segmenter\u003c/code\u003e. Specifically, the soft hyphen (U+00AD) is no longer considered to be a word break, and the multiplication and division signs (\u003ccode\u003e×\u003c/code\u003e and \u003ccode\u003e÷\u003c/code\u003e) are now treated as punctuation instead of as letters / word characters.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/ed13aca03aa25735fafc0645d1185e7a1c68fd8c\"\u003e\u003ccode\u003eed13aca\u003c/code\u003e\u003c/a\u003e Update version in package.json and in release notes (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/683\"\u003e#683\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/7a49317b503a932b88fc72ad9c57a481df038e24\"\u003e\u003ccode\u003e7a49317\u003c/code\u003e\u003c/a\u003e Bump dependencies again (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/682\"\u003e#682\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/afe5aecad189c9f5941ad3feb3c94c46b32ecb0a\"\u003e\u003ccode\u003eafe5aec\u003c/code\u003e\u003c/a\u003e Add Git support, and otherwise variously improve \u0026amp; fix parsePatch (and other ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/2e46779d8866ce7da1303a03db33ed038590c6f6\"\u003e\u003ccode\u003e2e46779\u003c/code\u003e\u003c/a\u003e Fix a typo (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/679\"\u003e#679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/dd2f99497703a1540b2ae406b51c49b74b5fc1a1\"\u003e\u003ccode\u003edd2f994\u003c/code\u003e\u003c/a\u003e 8.0.4 release (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/3cc438434db53c5d1c40412b727ea7650f6f145a\"\u003e\u003ccode\u003e3cc4384\u003c/code\u003e\u003c/a\u003e Update docs on releasing to reflect migration to yarn berry (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/677\"\u003e#677\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/6fc2aa6b7672af08774b50aae00d97b99c5b5715\"\u003e\u003ccode\u003e6fc2aa6\u003c/code\u003e\u003c/a\u003e yarn up '*' \u0026amp;\u0026amp; yarn up -R '**' (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/676\"\u003e#676\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/af7393ac3404565dc8da655c2e7aeeed28c01ff7\"\u003e\u003ccode\u003eaf7393a\u003c/code\u003e\u003c/a\u003e yarn up '*' \u0026amp;\u0026amp; yarn up -R '**' (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/670\"\u003e#670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/4b5d1800370bf29b61a3378fb8086aeb231d3ef7\"\u003e\u003ccode\u003e4b5d180\u003c/code\u003e\u003c/a\u003e Fix another bug in diffWords's \u0026quot;intlSegmenter\u0026quot; mode (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/667\"\u003e#667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kpdecker/jsdiff/commit/10da50c466709e7bd4b192dac96af0af46f8b7bd\"\u003e\u003ccode\u003e10da50c\u003c/code\u003e\u003c/a\u003e yarn up '*' \u0026amp;\u0026amp; yarn up -R '**' (\u003ca href=\"https://redirect.github.com/kpdecker/jsdiff/issues/666\"\u003e#666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kpdecker/jsdiff/compare/7.0.0...v9.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fast-uri` from 3.1.0 to 3.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastify/fast-uri/releases\"\u003efast-uri's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.2\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc\"\u003ehttps://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHandle malformed fragment decoding as a parse error by \u003ca href=\"https://github.com/mcollina\"\u003e\u003ccode\u003e@​mcollina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/171\"\u003efastify/fast-uri#171\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2\"\u003ehttps://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003e⚠️ Security Release\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6\"\u003ehttps://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump tsd from 0.32.0 to 0.33.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/148\"\u003efastify/fast-uri#148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/149\"\u003efastify/fast-uri#149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(.npmrc): ignore scripts by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/150\"\u003efastify/fast-uri#150\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): remove \u003ccode\u003e@​fastify/pre-commit\u003c/code\u003e by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/151\"\u003efastify/fast-uri#151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/152\"\u003efastify/fast-uri#152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(ci): add concurrency config by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/153\"\u003efastify/fast-uri#153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-node from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/154\"\u003efastify/fast-uri#154\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/156\"\u003efastify/fast-uri#156\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(license): standardise license notice by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/159\"\u003efastify/fast-uri#159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estyle: remove trailing whitespace by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/161\"\u003efastify/fast-uri#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: remove unused github files by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/162\"\u003efastify/fast-uri#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update readme by \u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/164\"\u003efastify/fast-uri#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-manager.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/165\"\u003efastify/fast-uri#165\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/166\"\u003efastify/fast-uri#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/167\"\u003efastify/fast-uri#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add lock-threads workflow by \u003ca href=\"https://github.com/Fdawgs\"\u003e\u003ccode\u003e@​Fdawgs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/169\"\u003efastify/fast-uri#169\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Tony133\"\u003e\u003ccode\u003e@​Tony133\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/fastify/fast-uri/pull/162\"\u003efastify/fast-uri#162\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.1\"\u003ehttps://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/919dd8ea7689fcc220d0d9b71307f5095e723ef9\"\u003e\u003ccode\u003e919dd8e\u003c/code\u003e\u003c/a\u003e Bumped v3.1.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/c65ba573714af6b8e19e481d9444c27bc4355d07\"\u003e\u003ccode\u003ec65ba57\u003c/code\u003e\u003c/a\u003e fixup: linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/6c86c17c3d76fb93aa3700ec6c0fa00faeb97293\"\u003e\u003ccode\u003e6c86c17\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/a95158ad308df4d92bbde4eba699ce5165e9f796\"\u003e\u003ccode\u003ea95158a\u003c/code\u003e\u003c/a\u003e Handle malformed fragment decoding without throwing (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/171\"\u003e#171\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/cea547c91c6aae610041b17b75792ca4aa035a6d\"\u003e\u003ccode\u003ecea547c\u003c/code\u003e\u003c/a\u003e Bumped v3.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/876ce79b662c3e5015e4e7dffe6f37752ad34f35\"\u003e\u003ccode\u003e876ce79\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/dcdf690b71a7bb3a19887ada65a9ab160d83bcc0\"\u003e\u003ccode\u003edcdf690\u003c/code\u003e\u003c/a\u003e ci: add lock-threads workflow (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/169\"\u003e#169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/c860e6589b1ac346f66e114b4eadb9613768108c\"\u003e\u003ccode\u003ec860e65\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/167\"\u003e#167\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/9b4c6dc82fde0ca44e674403ece9185d85bb6d5f\"\u003e\u003ccode\u003e9b4c6dc\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (\u003ca href=\"https://redirect.github.com/fastify/fast-uri/issues/166\"\u003e#166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastify/fast-uri/commit/85d09a9f7aa76b32c2bb005a90a71e144c361d24\"\u003e\u003ccode\u003e85d09a9\u003c/code\u003e\u003c/a\u003e build(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-mana...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flatted` from 3.3.3 to 3.4.2\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7\"\u003e\u003ccode\u003e3bf0909\u003c/code\u003e\u003c/a\u003e 3.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802\"\u003e\u003ccode\u003e885ddcc\u003c/code\u003e\u003c/a\u003e fix CWE-1321\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3\"\u003e\u003ccode\u003e0bdba70\u003c/code\u003e\u003c/a\u003e added flatted-view to the benchmark\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20\"\u003e\u003ccode\u003e2a02dce\u003c/code\u003e\u003c/a\u003e 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416\"\u003e\u003ccode\u003efba4e8f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/WebReflection/flatted/issues/89\"\u003e#89\u003c/a\u003e from WebReflection/python-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7\"\u003e\u003ccode\u003e5fe8648\u003c/code\u003e\u003c/a\u003e added \u0026quot;when in Rome\u0026quot; also a test for PHP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0\"\u003e\u003ccode\u003e53517ad\u003c/code\u003e\u003c/a\u003e some minor improvement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f\"\u003e\u003ccode\u003eb3e2a0c\u003c/code\u003e\u003c/a\u003e Fixing recursion issue in Python too\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad\"\u003e\u003ccode\u003ec4b46db\u003c/code\u003e\u003c/a\u003e Add SECURITY.md for security policy and reporting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988\"\u003e\u003ccode\u003ef86d071\u003c/code\u003e\u003c/a\u003e Create dependabot.yml for version updates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `immutable` from 5.1.3 to 5.1.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/immutable-js/immutable-js/releases\"\u003eimmutable's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.1.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable\u003c/li\u003e\n\u003cli\u003eUpgrade devtools and use immutable version by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2158\"\u003eimmutable-js/immutable-js#2158\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/immutable-js/immutable-js/compare/v5.1.4...v5.1.5\"\u003ehttps://github.com/immutable-js/immutable-js/compare/v5.1.4...v5.1.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.1.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate some files to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2125\"\u003eimmutable-js/immutable-js#2125\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eIterator.ts\u003c/li\u003e\n\u003cli\u003ePairSorting.ts\u003c/li\u003e\n\u003cli\u003etoJS.ts\u003c/li\u003e\n\u003cli\u003eMath.ts\u003c/li\u003e\n\u003cli\u003eHash.ts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eExtract CollectionHelperMethods and convert to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2131\"\u003eimmutable-js/immutable-js#2131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse npm \u003ca href=\"https://docs.npmjs.com/trusted-publishers\"\u003etrusted publishing only\u003c/a\u003e to avoid token stealing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix/a11y issues by \u003ca href=\"https://github.com/lyannel\"\u003e\u003ccode\u003e@​lyannel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2136\"\u003eimmutable-js/immutable-js#2136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDoc add Map.get signature update by \u003ca href=\"https://github.com/borracciaBlu\"\u003e\u003ccode\u003e@​borracciaBlu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2138\"\u003eimmutable-js/immutable-js#2138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(doc):minor-issues#2132 by \u003ca href=\"https://github.com/JayMeDotDot\"\u003e\u003ccode\u003e@​JayMeDotDot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2133\"\u003eimmutable-js/immutable-js#2133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix algolia search by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2135\"\u003eimmutable-js/immutable-js#2135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTypo in OrderedMap by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2144\"\u003eimmutable-js/immutable-js#2144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: Sort all imports and activate eslint import rule by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2119\"\u003eimmutable-js/immutable-js#2119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/JayMeDotDot\"\u003e\u003ccode\u003e@​JayMeDotDot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2133\"\u003eimmutable-js/immutable-js#2133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lyannel\"\u003e\u003ccode\u003e@​lyannel\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2136\"\u003eimmutable-js/immutable-js#2136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/borracciaBlu\"\u003e\u003ccode\u003e@​borracciaBlu\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2138\"\u003eimmutable-js/immutable-js#2138\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/immutable-js/immutable-js/compare/v5.1.3...v5.1.4\"\u003ehttps://github.com/immutable-js/immutable-js/compare/v5.1.3...v5.1.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/immutable-js/immutable-js/blob/main/CHANGELOG.md\"\u003eimmutable's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in immutable\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e5.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate some files to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2125\"\u003eimmutable-js/immutable-js#2125\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eIterator.ts\u003c/li\u003e\n\u003cli\u003ePairSorting.ts\u003c/li\u003e\n\u003cli\u003etoJS.ts\u003c/li\u003e\n\u003cli\u003eMath.ts\u003c/li\u003e\n\u003cli\u003eHash.ts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eExtract CollectionHelperMethods and convert to TS by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2131\"\u003eimmutable-js/immutable-js#2131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse npm \u003ca href=\"https://docs.npmjs.com/trusted-publishers\"\u003etrusted publishing only\u003c/a\u003e to avoid token stealing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix/a11y issues by \u003ca href=\"https://github.com/lyannel\"\u003e\u003ccode\u003e@​lyannel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2136\"\u003eimmutable-js/immutable-js#2136\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDoc add Map.get signature update by \u003ca href=\"https://github.com/borracciaBlu\"\u003e\u003ccode\u003e@​borracciaBlu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2138\"\u003eimmutable-js/immutable-js#2138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(doc):minor-issues#2132 by \u003ca href=\"https://github.com/JayMeDotDot\"\u003e\u003ccode\u003e@​JayMeDotDot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2133\"\u003eimmutable-js/immutable-js#2133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix algolia search by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2135\"\u003eimmutable-js/immutable-js#2135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTypo in OrderedMap by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2144\"\u003eimmutable-js/immutable-js#2144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: Sort all imports and activate eslint import rule by \u003ca href=\"https://github.com/jdeniau\"\u003e\u003ccode\u003e@​jdeniau\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/pull/2119\"\u003eimmutable-js/immutable-js#2119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/b37b85568632227751ddc8a16034cacc0f42b652\"\u003e\u003ccode\u003eb37b855\u003c/code\u003e\u003c/a\u003e 5.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/16b3313fdf2c5f579f10799e22869f6909abf945\"\u003e\u003ccode\u003e16b3313\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/fd2ef4977ee654c5bf26368dbf2f983c8d679bd6\"\u003e\u003ccode\u003efd2ef49\u003c/code\u003e\u003c/a\u003e fix new proto key injection\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/6734b7b2af7e9dadf517eb9473cc64d2dfe2e301\"\u003e\u003ccode\u003e6734b7b\u003c/code\u003e\u003c/a\u003e fix Prototype Pollution in mergeDeep, toJS, etc.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/6f772de1e44dcde14128e48d19081a7a077f2162\"\u003e\u003ccode\u003e6f772de\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/2175\"\u003e#2175\u003c/a\u003e from immutable-js/dependabot/npm_and_yarn/rollup-4.59.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/5f3dc61fd0e231654f04a850b8764e7e864c54b3\"\u003e\u003ccode\u003e5f3dc61\u003c/code\u003e\u003c/a\u003e Bump rollup from 4.34.8 to 4.59.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/049a594410962c13dfd0f2d0bf0ef2154271079e\"\u003e\u003ccode\u003e049a594\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/2173\"\u003e#2173\u003c/a\u003e from immutable-js/dependabot/npm_and_yarn/lodash-4.1...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/2481a77331122eea4ace8afd4842042c6ae7510c\"\u003e\u003ccode\u003e2481a77\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/immutable-js/immutable-js/issues/2172\"\u003e#2172\u003c/a\u003e from mrazauskas/update-tstyche\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/eb047790b44dac8e5ace49529a5c9928edfc8e12\"\u003e\u003ccode\u003eeb04779\u003c/code\u003e\u003c/a\u003e Bump lodash from 4.17.21 to 4.17.23\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/immutable-js/immutable-js/commit/b973bf3b6242c9966143169825e1e14248c07c31\"\u003e\u003ccode\u003eb973bf3\u003c/code\u003e\u003c/a\u003e format\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/immutable-js/immutable-js/compare/v5.1.3...v5.1.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~GitHub%20Actions\"\u003eGitHub Actions\u003c/a\u003e, a new releaser for immutable since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `js-yaml` from 3.14.1 to 4.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md\"\u003ejs-yaml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[4.1.1] - 2025-11-12\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix prototype pollution issue in yaml merge (\u0026lt;\u0026lt;) operator.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.1.0] - 2021-04-15\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eTypes are now exported as \u003ccode\u003eyaml.types.XXX\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eEvery type now has \u003ccode\u003eoptions\u003c/code\u003e property with original arguments kept as they were\n(see \u003ccode\u003eyaml.types.int.options\u003c/code\u003e as an example).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSchema.extend()\u003c/code\u003e now keeps old type order in case of conflicts\n(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as \u003ccode\u003eabcd\u003c/code\u003e instead of \u003ccode\u003ecbad\u003c/code\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[4.0.0] - 2021-01-03\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck \u003ca href=\"https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md\"\u003emigration guide\u003c/a\u003e to see details for all breaking changes.\u003c/li\u003e\n\u003cli\u003eBreaking: \u0026quot;unsafe\u0026quot; tags \u003ccode\u003e!!js/function\u003c/code\u003e, \u003ccode\u003e!!js/regexp\u003c/code\u003e, \u003ccode\u003e!!js/undefined\u003c/code\u003e are\nmoved to \u003ca href=\"https://github.com/nodeca/js-yaml-js-types\"\u003ejs-yaml-js-types\u003c/a\u003e package.\u003c/li\u003e\n\u003cli\u003eBreaking: removed \u003ccode\u003esafe*\u003c/code\u003e functions. Use \u003ccode\u003eload\u003c/code\u003e, \u003ccode\u003eloadAll\u003c/code\u003e, \u003ccode\u003edump\u003c/code\u003e\ninstead which are all now safe by default.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.DEFAULT_SAFE_SCHEMA\u003c/code\u003e and \u003ccode\u003eyaml.DEFAULT_FULL_SCHEMA\u003c/code\u003e are removed, use\n\u003ccode\u003eyaml.DEFAULT_SCHEMA\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eyaml.Schema.create(schema, tags)\u003c/code\u003e is removed, use \u003ccode\u003eschema.extend(tags)\u003c/code\u003e instead.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e!!binary\u003c/code\u003e now always mapped to \u003ccode\u003eUint8Array\u003c/code\u003e on load.\u003c/li\u003e\n\u003cli\u003eReduced nesting of \u003ccode\u003e/lib\u003c/code\u003e folder.\u003c/li\u003e\n\u003cli\u003eParse numbers according to YAML 1.2 instead of YAML 1.1 (\u003ccode\u003e01234\u003c/code\u003e is now decimal,\n\u003ccode\u003e0o1234\u003c/code\u003e is octal, \u003ccode\u003e1:23\u003c/code\u003e is parsed as string instead of base60).\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e no longer quotes \u003ccode\u003e:\u003c/code\u003e, \u003ccode\u003e[\u003c/code\u003e, \u003ccode\u003e]\u003c/code\u003e, \u003ccode\u003e(\u003c/code\u003e, \u003ccode\u003e)\u003c/code\u003e except when necessary, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/470\"\u003e#470\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/557\"\u003e#557\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eLine and column in exceptions are now formatted as \u003ccode\u003e(X:Y)\u003c/code\u003e instead of\n\u003ccode\u003eat line X, column Y\u003c/code\u003e (also present in compact format), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/332\"\u003e#332\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCode snippet created in exceptions now contains multiple lines with line numbers.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e now serializes \u003ccode\u003eundefined\u003c/code\u003e as \u003ccode\u003enull\u003c/code\u003e in collections and removes keys with\n\u003ccode\u003eundefined\u003c/code\u003e in mappings, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/571\"\u003e#571\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edump()\u003c/code\u003e with \u003ccode\u003eskipInvalid=true\u003c/code\u003e now serializes invalid items in collections as null.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003e!\u003c/code\u003e are now dumped as \u003ccode\u003e!tag\u003c/code\u003e instead of \u003ccode\u003e!\u0026lt;!tag\u0026gt;\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/576\"\u003e#576\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom tags starting with \u003ccode\u003etag:yaml.org,2002:\u003c/code\u003e are now shorthanded using \u003ccode\u003e!!\u003c/code\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/258\"\u003e#258\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e.mjs\u003c/code\u003e (es modules) support.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003equotingType\u003c/code\u003e and \u003ccode\u003eforceQuotes\u003c/code\u003e options for dumper to configure\nstring literal style, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/290\"\u003e#290\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/529\"\u003e#529\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003estyles: { '!!null': 'empty' }\u003c/code\u003e option for dumper\n(serializes \u003ccode\u003e{ foo: null }\u003c/code\u003e as \u0026quot;\u003ccode\u003efoo: \u003c/code\u003e\u0026quot;), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/570\"\u003e#570\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003ereplacer\u003c/code\u003e option (similar to option in JSON.stringify), \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/339\"\u003e#339\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eCustom \u003ccode\u003eTag\u003c/code\u003e can now handle all tags or multiple tags with the same prefix, \u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/385\"\u003e#385\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a\"\u003e\u003ccode\u003ecc482e7\u003c/code\u003e\u003c/a\u003e 4.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f\"\u003e\u003ccode\u003e50968b8\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b\"\u003e\u003ccode\u003ed092d86\u003c/code\u003e\u003c/a\u003e lint fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879\"\u003e\u003ccode\u003e383665f\u003c/code\u003e\u003c/a\u003e fix prototype pollution in merge (\u0026lt;\u0026lt;)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976\"\u003e\u003ccode\u003e0d3ca7a\u003c/code\u003e\u003c/a\u003e README.md: HTTP =\u0026gt; HTTPS (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b\"\u003e\u003ccode\u003e49baadd\u003c/code\u003e\u003c/a\u003e doc: 'empty' style option for !!null\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce\"\u003e\u003ccode\u003eba3460e\u003c/code\u003e\u003c/a\u003e Fix demo link (\u003ca href=\"https://redirect.github.com/nodeca/js-yaml/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/2cef47bebf60da141b78b085f3dea3b5733dcc12\"\u003e\u003ccode\u003e2cef47b\u003c/code\u003e\u003c/a\u003e 4.1.0 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/810b149ce2d475109722474d91118f0671b15e20\"\u003e\u003ccode\u003e810b149\u003c/code\u003e\u003c/a\u003e dist rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nodeca/js-yaml/commit/2b5620ed8f03ba0df319fe7710f6d7fd44811742\"\u003e\u003ccode\u003e2b5620e\u003c/code\u003e\u003c/a\u003e Export built-in types, type override now preserves order\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/nodeca/js-yaml/compare/3.14.1...4.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lodash` from 4.17.21 to 4.18.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lodash/lodash/releases\"\u003elodash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.18.1\u003c/h2\u003e\n\u003ch2\u003eBugs\u003c/h2\u003e\n\u003cp\u003eFixes a \u003ccode\u003eReferenceError\u003c/code\u003e issue in \u003ccode\u003elodash\u003c/code\u003e \u003ccode\u003elodash-es\u003c/code\u003e \u003ccode\u003elodash-amd\u003c/code\u003e and \u003ccode\u003elodash.template\u003c/code\u003e when using the \u003ccode\u003etemplate\u003c/code\u003e and \u003ccode\u003efromPairs\u003c/code\u003e functions from the modular builds. See \u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6167#issuecomment-4165269769\"\u003elodash/lodash#6167\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThese defects were related to how lodash distributions are built from the main branch using \u003ca href=\"https://github.com/lodash-archive/lodash-cli\"\u003ehttps://github.com/lodash-archive/lodash-cli\u003c/a\u003e. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.\u003c/p\u003e\n\u003cp\u003eThere is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003elodash\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm...4.18.1-npm\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-es\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-es...4.18.1-es\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash-amd\u003c/code\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-amd...4.18.1-amd\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003elodash.template\u003c/code\u003e\u003ca href=\"https://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\"\u003ehttps://github.com/lodash/lodash/compare/4.18.0-npm-packages...4.18.1-npm-packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.18.0\u003c/h2\u003e\n\u003ch2\u003ev4.18.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.23...4.18.0\"\u003ehttps://github.com/lodash/lodash/compare/4.17.23...4.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.unset\u003c/code\u003e / \u003ccode\u003e_.omit\u003c/code\u003e\u003c/strong\u003e: Fixed prototype pollution via \u003ccode\u003econstructor\u003c/code\u003e/\u003ccode\u003eprototype\u003c/code\u003e path traversal (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-f23m-r3pf-42rh\"\u003eGHSA-f23m-r3pf-42rh\u003c/a\u003e, \u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003efe8d32e\u003c/a\u003e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now \u003ccode\u003econstructor\u003c/code\u003e and \u003ccode\u003eprototype\u003c/code\u003e are blocked unconditionally as non-terminal path keys, matching \u003ccode\u003ebaseSet\u003c/code\u003e. Calls that previously returned \u003ccode\u003etrue\u003c/code\u003e and deleted the property now return \u003ccode\u003efalse\u003c/code\u003e and leave the target untouched.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003ccode\u003e_.template\u003c/code\u003e\u003c/strong\u003e: Fixed code injection via \u003ccode\u003eimports\u003c/code\u003e keys (\u003ca href=\"https://github.com/lodash/lodash/security/advisories/GHSA-r5fr-rjxr-66jc\"\u003eGHSA-r5fr-rjxr-66jc\u003c/a\u003e, CVE-2026-4800, \u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e879aaa9\u003c/a\u003e). Fixes an incomplete patch for CVE-2021-23337. The \u003ccode\u003evariable\u003c/code\u003e option was validated against \u003ccode\u003ereForbiddenIdentifierChars\u003c/code\u003e but \u003ccode\u003eimportsKeys\u003c/code\u003e was left unguarded, allowing code injection via the same \u003ccode\u003eFunction()\u003c/code\u003e constructor sink. \u003ccode\u003eimports\u003c/code\u003e keys containing forbidden identifier characters now throw \u003ccode\u003e\u0026quot;Invalid imports option passed into _.template\u0026quot;\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd security notice for \u003ccode\u003e_.template\u003c/code\u003e in threat model and API docs (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6099\"\u003e#6099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDocument \u003ccode\u003elower \u0026gt; upper\u003c/code\u003e behavior in \u003ccode\u003e_.random\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6115\"\u003e#6115\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix quotes in \u003ccode\u003e_.compact\u003c/code\u003e jsdoc (\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6090\"\u003e#6090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003elodash.*\u003c/code\u003e modular packages\u003c/h3\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/lodash/lodash/pull/6157\"\u003eDiff\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe have also regenerated and published a select number of the \u003ccode\u003elodash.*\u003c/code\u003e modular packages.\u003c/p\u003e\n\u003cp\u003eThese modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.orderby\"\u003elodash.orderby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.tonumber\"\u003elodash.tonumber\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trim\"\u003elodash.trim\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.trimend\"\u003elodash.trimend\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.sortedindexby\"\u003elodash.sortedindexby\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.zipobjectdeep\"\u003elodash.zipobjectdeep\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.unset\"\u003elodash.unset\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.omit\"\u003elodash.omit\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.npmjs.com/package/lodash.template\"\u003elodash.template\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/cb0b9b9212521c08e3eafe7c8cb0af1b42b6649e\"\u003e\u003ccode\u003ecb0b9b9\u003c/code\u003e\u003c/a\u003e release(patch): bump main to 4.18.1 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6177\"\u003e#6177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/75535f57883b7225adb96de1cfc1cd4169cfcb51\"\u003e\u003ccode\u003e75535f5\u003c/code\u003e\u003c/a\u003e chore: prune stale advisory refs (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6170\"\u003e#6170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/62e91bc6a39c98d85b9ada8c44d40593deaf82a4\"\u003e\u003ccode\u003e62e91bc\u003c/code\u003e\u003c/a\u003e docs: remove n_ Node.js \u0026lt; 6 REPL note from README (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6165\"\u003e#6165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/59be2de61f8aa9461c7856533b51d31b7d8babc4\"\u003e\u003ccode\u003e59be2de\u003c/code\u003e\u003c/a\u003e release(minor): bump to 4.18.0 (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6161\"\u003e#6161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/af634573030f979194871da7c68f79420992f53d\"\u003e\u003ccode\u003eaf63457\u003c/code\u003e\u003c/a\u003e fix: broken tests for _.template 879aaa9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/1073a7693e1727e0cf3641e5f71f75ddcf8de7c0\"\u003e\u003ccode\u003e1073a76\u003c/code\u003e\u003c/a\u003e fix: linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/879aaa93132d78c2f8d20c60279da9f8b21576d6\"\u003e\u003ccode\u003e879aaa9\u003c/code\u003e\u003c/a\u003e fix: validate imports keys in _.template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/fe8d32eda854377349a4f922ab7655c8e5df9a0b\"\u003e\u003ccode\u003efe8d32e\u003c/code\u003e\u003c/a\u003e fix: block prototype pollution in baseUnset via constructor/prototype traversal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/18ba0a32f42fd02117f096b032f89c984173462d\"\u003e\u003ccode\u003e18ba0a3\u003c/code\u003e\u003c/a\u003e refactor(fromPairs): use baseAssignValue for consistent assignment (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6153\"\u003e#6153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lodash/lodash/commit/b8190803d48d60b8c80ad45d39125f32fa618cb2\"\u003e\u003ccode\u003eb819080\u003c/code\u003e\u003c/a\u003e ci: add dist sync validation workflow (\u003ca href=\"https://redirect.github.com/lodash/lodash/issues/6137\"\u003e#6137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lodash/lodash/compare/4.17.21...4.18.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `markdown-it` from 14.1.0 to 14.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/markdown-it/markdown-it/blob/master/CHANGELOG.md\"\u003emarkdown-it's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[14.1.1] - 2026-01-11\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed regression from v13 in linkify inline rule. Specific patterns could\ncause high CPU use. Thanks to \u003ca href=\"https://github.com/ltduc147\"\u003e\u003ccode\u003e@​ltduc147\u003c/code\u003e\u003c/a\u003e for report.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/b4a9b659ef5734223731cfaa3ad5eacc6fc22918\"\u003e\u003ccode\u003eb4a9b65\u003c/code\u003e\u003c/a\u003e 14.1.1 released\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/4b4bbcae5e0990a5b172378e507b33a59012ed26\"\u003e\u003ccode\u003e4b4bbca\u003c/code\u003e\u003c/a\u003e Fixed perf regression in linkify-it wrapper\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/markdown-it/markdown-it/commit/d2782d892a51201b25d3eeab172201ad5a53a24c\"\u003e\u003ccode\u003ed2782d8\u003c/code\u003e\u003c/a\u003e Add supplementary example-driven documentation (\u003ca href=\"https://redirect.github.com/markdown-it/markdown-it/issues/1092\"\u003e#1092\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/markdown-it/markdown-it/compare/14.1.0...14.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `minimatch` from 3.1.2 to 9.0.9\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/isaacs/minimatch/blob/main/changelog.md\"\u003eminimatch's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003echange log\u003c/h1\u003e\n\u003ch2\u003e10.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003ebraceExpandMax\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003emagicalBraces\u003c/code\u003e option for \u003ccode\u003eescape\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003emakeRe\u003c/code\u003e when \u003ccode\u003epartial: true\u003c/code\u003e is set.\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003emakeRe\u003c/code\u003e when pattern ends in a final \u003ccode\u003e**\u003c/code\u003e path part.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e10.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRequire node 20 or 22 and higher\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNo default export, only named exports.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRecursive descent parser for extglob, allowing correct support\nfor arbitrarily nested extglob expressions\u003c/li\u003e\n\u003cli\u003eBump required Node.js version\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eescape()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eunescape()\u003c/code\u003e method\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eMinimatch.hasMagic()\u003c/code\u003e method\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for posix character classes in a unicode-aware way.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003ewindowsNoMagicRoot\u003c/code\u003e option\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e7.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eoptimizationLevel\u003c/code\u003e configuration option, and revert the\ndefault back to the 6.2 style minimal optimizations, making the\nadvanced transforms introduced in 7.0 opt-in. Also, process\nprovided file paths in the same way in optimizationLevel:2\nmode, so \u003cem\u003emost\u003c/em\u003e things that matched with optimizationLevel 1 or\n0 \u003cem\u003eshould\u003c/em\u003e match with level 2 as well. However, level 1 is the\ndefault, out of an abundance of caution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e....\n\n_Description has been truncated_","html_url":"https://github.com/fat-fuzzy/rocks/pull/996","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/fat-fuzzy%2Frocks/issues/996","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/996/packages"}},{"old_version":"0.4.2","new_version":"1.1.1","update_type":"major","path":"/gordon-ramsay-reservations","pr_created_at":"2026-05-14T05:14:00.000Z","version_change":"0.4.2 → 1.1.1","issue":{"uuid":"4443364718","node_id":"PR_kwDOSE0U887bY28v","number":13,"state":"open","title":"build(deps): bump cookie and lighthouse in /gordon-ramsay-reservations","user":"dependabot[bot]","labels":["dependencies","javascript"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-14T05:14:00.000Z","updated_at":"2026-05-14T05:15:45.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"cookie","repository_url":"https://github.com/jshttp/cookie","old_version":"0.4.2","new_version":"1.1.1"},{"name":"lighthouse","repository_url":"https://github.com/GoogleChrome/lighthouse","old_version":"11.7.1","new_version":"13.3.0"}],"path":"/gordon-ramsay-reservations","ecosystem":"npm"},"body":"Bumps [cookie](https://github.com/jshttp/cookie) to 1.1.1 and updates ancestor dependency [lighthouse](https://github.com/GoogleChrome/lighthouse). These dependencies need to be updated together.\n\nUpdates `cookie` from 0.4.2 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jshttp/cookie/releases\"\u003ecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOverwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)  c66147c\n\u003cul\u003e\n\u003cli\u003eWhen \u003ccode\u003evalue\u003c/code\u003e was provided in \u003ccode\u003eserialize(key, value, { value })\u003c/code\u003e the value in \u003ccode\u003eoptions\u003c/code\u003e was used instead of the value passed as an argument\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003estringifyCookie\u003c/code\u003e and \u003ccode\u003eparseSetCookie\u003c/code\u003e methods (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/214\"\u003e#214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename existing methods for clarity (old method names remain for backward compatibility)\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eparse\u003c/code\u003e → \u003ccode\u003eparseCookie\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eserialize\u003c/code\u003e → \u003ccode\u003estringifySetCookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eAdd side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)  00b0327\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.2...v1.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLoosen cookie name/value validation (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: \u003ccode\u003eoptions.priority\u003c/code\u003e used incorrect fallback (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/207\"\u003e#207\u003c/a\u003e) by \u003ca href=\"https://github.com/jonchurch\"\u003e\u003ccode\u003e@​jonchurch\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd import example to README (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/190\"\u003e#190\u003c/a\u003e) by \u003ca href=\"https://github.com/isnifer\"\u003e\u003ccode\u003e@​isnifer\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.1...v1.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAllow case insensitive options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/194\"\u003e#194\u003c/a\u003e)  3bed080\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\"\u003ehttps://github.com/jshttp/cookie/compare/v1.0.0...v1.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse modern JS features, ship TypeScript definition (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/175\"\u003e#175\u003c/a\u003e)  1cc64ff\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003e__esModule\u003c/code\u003e marker, imports need to use \u003ccode\u003eimport { parse, serialize }\u003c/code\u003e or \u003ccode\u003eimport * as cookie\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eMinimum node.js v18\u003c/li\u003e\n\u003cli\u003eUses null prototype object for \u003ccode\u003eparse\u003c/code\u003e return value\u003c/li\u003e\n\u003cli\u003eChanges \u003ccode\u003estrict\u003c/code\u003e and \u003ccode\u003epriority\u003c/code\u003e to match the lower case strings (i.e. \u003ccode\u003elow\u003c/code\u003e, not \u003ccode\u003eLOW\u003c/code\u003e or \u003ccode\u003eLow\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/1b89eec4e33256ac31962f4c0d6e711fff478803\"\u003e\u003ccode\u003e1b89eec\u003c/code\u003e\u003c/a\u003e 1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/c66147c053c74b256287aa7c0a4e63082d786fb2\"\u003e\u003ccode\u003ec66147c\u003c/code\u003e\u003c/a\u003e Overwrite value in passed in options (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/253\"\u003e#253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/09cec9fd32aa777ddbf51a115c53f30728eccfbc\"\u003e\u003ccode\u003e09cec9f\u003c/code\u003e\u003c/a\u003e 1.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/05ebd34fd5a1cdad950f68fc7429cade7dfd6997\"\u003e\u003ccode\u003e05ebd34\u003c/code\u003e\u003c/a\u003e Add tests for parsing top sites (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6214eaf968d60681f3f7fe76797270332c3569c9\"\u003e\u003ccode\u003e6214eaf\u003c/code\u003e\u003c/a\u003e Add benchmark for \u003ccode\u003eparseSetCookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/247\"\u003e#247\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/71798d72650df42288f74e5ab49b65ec44df74fe\"\u003e\u003ccode\u003e71798d7\u003c/code\u003e\u003c/a\u003e Fix skip over of boolean attributes (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/9e41cf10c88b45893141f2ee2dc98b23bdb57f24\"\u003e\u003ccode\u003e9e41cf1\u003c/code\u003e\u003c/a\u003e build(deps): bump the npm_and_yarn group across 1 directory with 4 updates (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/6fea50679a97f65b5d6e3d291b2dad5816fcfddc\"\u003e\u003ccode\u003e6fea506\u003c/code\u003e\u003c/a\u003e Add parse method for \u003ccode\u003eset-cookie\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/244\"\u003e#244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/00b032721c4dc9aeb7d3814ce790eadb4ebde59b\"\u003e\u003ccode\u003e00b0327\u003c/code\u003e\u003c/a\u003e Add side effects field (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/245\"\u003e#245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jshttp/cookie/commit/94586de038f16960cd5eb91ee499313734b02ab7\"\u003e\u003ccode\u003e94586de\u003c/code\u003e\u003c/a\u003e feat: remove dependabot from repo (\u003ca href=\"https://redirect.github.com/jshttp/cookie/issues/242\"\u003e#242\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jshttp/cookie/compare/v0.4.2...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~blakeembrey\"\u003eblakeembrey\u003c/a\u003e, a new releaser for cookie since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eInstall script changes\u003c/summary\u003e\n\u003cp\u003eThis version adds \u003ccode\u003eprepare\u003c/code\u003e script that runs during installation. Review the package contents before updating.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lighthouse` from 11.7.1 to 13.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/GoogleChrome/lighthouse/releases\"\u003elighthouse's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev13.3.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/compare/v13.2.0...v13.3.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe expect this release to ship in the DevTools of \u003ca href=\"https://chromiumdash.appspot.com/schedule\"\u003eChrome 150\u003c/a\u003e, and to PageSpeed Insights within 2 weeks.\u003c/p\u003e\n\u003ch2\u003eNotable Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew agentic browsing category added to default config (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/17002\"\u003e#17002\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eCore\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eagentic-web: add links to category and audit descriptions (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16997\"\u003e#16997\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ellms-txt: adjust titles and descriptions and add smoketests (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/17005\"\u003e#17005\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDeps\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade dependencies (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/17006\"\u003e#17006\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eTests\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esmoke: widen byte efficiency wastedBytes range for ToT (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16996\"\u003e#16996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ewebmcp: add webmcp smoketests (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16999\"\u003e#16999\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebundle: update build-bundle-mcp (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16995\"\u003e#16995\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev13.2.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/compare/v13.1.0...v13.2.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe expect this release to ship in the DevTools of \u003ca href=\"https://chromiumdash.appspot.com/schedule\"\u003eChrome 150\u003c/a\u003e, and to PageSpeed Insights within 2 weeks.\u003c/p\u003e\n\u003ch2\u003eNew contributors\u003c/h2\u003e\n\u003cp\u003eThanks to our new contributors 👽🐷🐰🐯🐻!\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003educky-duke \u003ca href=\"https://github.com/ducky-duke\"\u003e\u003ccode\u003e@​ducky-duke\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimon Zünd \u003ca href=\"https://github.com/szuend\"\u003e\u003ccode\u003e@​szuend\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Audits\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ewebmcp-form-coverage: add audit for missing webmcp tool annotations (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16964\"\u003e#16964\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ewebmcp-registered-tools: add audit to list registered webmcp tools (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16959\"\u003e#16959\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ewebmcp-schema-validity: add audit to check WebMCP schema issues (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16973\"\u003e#16973\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eCore\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eimplement UKM Invalidate fallback for LCP (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16956\"\u003e#16956\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eagentic: add new agentic browsing category (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16953\"\u003e#16953\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/GoogleChrome/lighthouse/blob/main/changelog.md\"\u003elighthouse's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e13.3.0 (2026-05-07)\u003c/h1\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/compare/v13.2.0...v13.3.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe expect this release to ship in the DevTools of \u003ca href=\"https://chromiumdash.appspot.com/schedule\"\u003eChrome 150\u003c/a\u003e, and to PageSpeed Insights within 2 weeks.\u003c/p\u003e\n\u003ch2\u003eNotable Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNew agentic browsing category added to default config (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/17002\"\u003e#17002\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eCore\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eagentic-web: add links to category and audit descriptions (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16997\"\u003e#16997\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ellms-txt: adjust titles and descriptions and add smoketests (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/17005\"\u003e#17005\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDeps\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade dependencies (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/17006\"\u003e#17006\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eTests\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003esmoke: widen byte efficiency wastedBytes range for ToT (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16996\"\u003e#16996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ewebmcp: add webmcp smoketests (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16999\"\u003e#16999\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebundle: update build-bundle-mcp (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16995\"\u003e#16995\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003c/p\u003e\n\u003ch1\u003e13.2.0 (2026-04-30)\u003c/h1\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/compare/v13.1.0...v13.2.0\"\u003eFull Changelog\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eWe expect this release to ship in the DevTools of \u003ca href=\"https://chromiumdash.appspot.com/schedule\"\u003eChrome 150\u003c/a\u003e, and to PageSpeed Insights within 2 weeks.\u003c/p\u003e\n\u003ch2\u003eNew contributors\u003c/h2\u003e\n\u003cp\u003eThanks to our new contributors 👽🐷🐰🐯🐻!\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003educky-duke \u003ca href=\"https://github.com/ducky-duke\"\u003e\u003ccode\u003e@​ducky-duke\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimon Zünd \u003ca href=\"https://github.com/szuend\"\u003e\u003ccode\u003e@​szuend\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Audits\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ewebmcp-form-coverage: add audit for missing webmcp tool annotations (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16964\"\u003e#16964\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ewebmcp-registered-tools: add audit to list registered webmcp tools (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16959\"\u003e#16959\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ewebmcp-schema-validity: add audit to check WebMCP schema issues (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16973\"\u003e#16973\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eCore\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eimplement UKM Invalidate fallback for LCP (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16956\"\u003e#16956\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eagentic: add new agentic browsing category (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/pull/16953\"\u003e#16953\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/commit/7d8dcf5004950cad3faa20664e4a7cf2817bd653\"\u003e\u003ccode\u003e7d8dcf5\u003c/code\u003e\u003c/a\u003e v13.3.0 (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/issues/17008\"\u003e#17008\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/commit/f1460505034cb8c542fd09847a87e20cbf6f31b2\"\u003e\u003ccode\u003ef146050\u003c/code\u003e\u003c/a\u003e deps: upgrade dependencies (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/issues/17006\"\u003e#17006\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/commit/ec66b4af8424d43901f956f3070aca1aa1e4c03b\"\u003e\u003ccode\u003eec66b4a\u003c/code\u003e\u003c/a\u003e core(llms-txt): adjust titles and descriptions and add smoketests (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/issues/17005\"\u003e#17005\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/commit/147d04cee1546d6ce93416495a3750e929224552\"\u003e\u003ccode\u003e147d04c\u003c/code\u003e\u003c/a\u003e tests(webmcp): add webmcp smoketests (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/issues/16999\"\u003e#16999\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/commit/e120fadb6f58a31fb0cdebd30cd97aa9ab3c9c8f\"\u003e\u003ccode\u003ee120fad\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;clients(devtools): include agentic browsing config in devtools entry\u0026quot;...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/commit/e796f1b6a790cb7af5ee9dae63fc495f386c3ba9\"\u003e\u003ccode\u003ee796f1b\u003c/code\u003e\u003c/a\u003e core(agentic browsing): add agentic browsing category to default config (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/issues/17002\"\u003e#17002\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/commit/e148cc6b9d6668aa878caac66b0f3dd14261e939\"\u003e\u003ccode\u003ee148cc6\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;clients(devtools): include agentic browsing config in devtools entry\u0026quot;...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/commit/081b1f26d31ea0d62550eea92f0d385e732b77d7\"\u003e\u003ccode\u003e081b1f2\u003c/code\u003e\u003c/a\u003e clients(devtools): include agentic browsing config in devtools entry (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/issues/16998\"\u003e#16998\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/commit/7db9ab8299dc1fceef6aa535075e232cf90bcb37\"\u003e\u003ccode\u003e7db9ab8\u003c/code\u003e\u003c/a\u003e core(agentic-web): add links to category and audit descriptions (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/issues/16997\"\u003e#16997\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/GoogleChrome/lighthouse/commit/8c6a64e0776bd97f2dd1603b8fd0581a5a2c8b56\"\u003e\u003ccode\u003e8c6a64e\u003c/code\u003e\u003c/a\u003e misc(bundle): update build-bundle-mcp (\u003ca href=\"https://redirect.github.com/GoogleChrome/lighthouse/issues/16995\"\u003e#16995\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/GoogleChrome/lighthouse/compare/v11.7.1...v13.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eMaintainer changes\u003c/summary\u003e\n\u003cp\u003eThis version was pushed to npm by \u003ca href=\"https://www.npmjs.com/~lusayaa\"\u003elusayaa\u003c/a\u003e, a new releaser for lighthouse since your current version.\u003c/p\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Qdreon/Gordon-Ramsay-Restaurant-Reservation-System/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Qdreon/Gordon-Ramsay-Restaurant-Reservation-System/pull/13","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Qdreon%2FGordon-Ramsay-Restaurant-Reservation-System/issues/13","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/13/packages"}}]}